CVE-2022-32285

A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). The affected module is vulnerable to XML External Entity (XXE) attacks due to insufficient input sanitation. This may allow an attacker to disclose confidential data under certain circumstances.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mendix:saml:*:*:*:*:*:*:*:*
cpe:2.3:a:mendix:saml:*:*:*:*:*:*:*:*
cpe:2.3:a:mendix:saml:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-06-14 10:15

Updated : 2024-02-28 19:09


NVD link : CVE-2022-32285

Mitre link : CVE-2022-32285

CVE.ORG link : CVE-2022-32285


JSON object : View

Products Affected

mendix

  • saml
CWE
CWE-611

Improper Restriction of XML External Entity Reference