VYPR

MendixSSO

by Mendix

CVEs (1)

  • CVE-2020-8160MedJan 6, 2021
    risk 0.40cvss 6.1epss 0.01

    MendixSSO <= 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a Cross-Site Scripting vulnerability via the URL path. This is caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a…