Unrated severityNVD Advisory· Published Mar 8, 2022· Updated Aug 3, 2024
CVE-2022-26313
CVE-2022-26313
Description
A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1). In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts.
Affected products
2>=3.3.0 <3.5.1+ 1 more
- (no CPE)range: >=3.3.0 <3.5.1
- (no CPE)range: All versions >= V3.3.0 < V3.5.1
Patches
Vulnerability mechanics
References
1- cert-portal.siemens.com/productcert/pdf/ssa-134279.pdfmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.