Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-34467 | 1 Mendix | 1 Excel Importer | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). The affected component is vulnerable to XML Entity Expansion Injection. An attacker may use this to compromise the availability of the affected component. | |||||
CVE-2021-31339 | 1 Mendix | 1 Excel Importer | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework. |