Headline
CVE-2022-46823
A vulnerability has been identified in Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.3.4), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= V3.3.0 < V3.3.9), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.8). The affected module is vulnerable to reflected cross-site scripting (XSS) attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a malicious link.
%PDF-1.5 %���� 56 0 obj << /Length 2384 /Filter /FlateDecode >> stream xڽZ[s�6~���#5SѸ�ȴ;�:N&�8�Zr�;I��9�D-I����s�&%Y�WN� ppn��$�m@��’��NN���(���M�I+hc"Iu0���i�-�U53��,ݔ�1�a^��&��yU� '��:b�so�eY�7i}v~5�ٳ���N�g’�=�� �2Ҝ����$�û�q�v�2�GRpx^ӓ�/T�ۣ��i�"�C4c-Z�V?��GFh�U�4U�W�t2F)"^� D��(�9���ݼCB��:��4��qN���h����Ӽ�v�`<���T;�=B0�#�� !Hd�9$cJo�!-�u��nw��DGB�c��TAxĥ:�>�*�q��O#E��b����|��kW G1=J �`� odQ�iI֗"_��-���:�mG��<��� 1�>��j����y �2�(�U�d6���$�m�\�����(��LČ{�E�3�2���m�݊*$3 .��ˍ��
Related news
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio, which could be exploited by an attacker to "obtain unauthorized access to the server, alter