Headline

CVE-2022-46823

A vulnerability has been identified in Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.3.4), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= V3.3.0 < V3.3.9), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.8). The affected module is vulnerable to reflected cross-site scripting (XSS) attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a malicious link.

1 year ago

CVE

Open in Source

#xss #vulnerability #pdf

%PDF-1.5 %�� 56 0 obj << /Length 2384 /Filter /FlateDecode >> stream xڽZ[s�6~��#5SѸ�ȴ;�:N&�8�Zr�;I��9�D-I��s�&%Y�WN� ppn��$�m@��’��NN��(��M�I+hc"Iu0��i�-�U53��,ݔ�1�a^��&��yU� '��:b�so�eY�7i}v~5�ٳ��N�g’�=�� 2Ҝ��$�û�q�v�2�GRpx^ӓ�/T�ۣ��i�"�C4c-Z�V?��GFh�U�4U�W�t2F)"^� D��(�9��ݼCB��:��4��qN��h��Ӽ�v�`<��T;�=B0�#�� !Hd�9$cJo�!-�u��nw��DGB�c��TAxĥ:�>�*�q��O#E��b��|��kW G1=J �`� odQ�iI֗"_��-��:�mG��<�� 1�>��j��y �2�(�U�d6��$�m�\��(��LČ{�E�3�2��m�݊*$3 .��ˍ��

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio, which could be exploited by an attacker to "obtain unauthorized access to the server, alter

1 year ago

The Hacker News

Open in Source

#xss #vulnerability #dos #rce #perl #auth #ssl #The Hacker News