Reflected Cross-Site Scripting Vulnerability in Mendix SAML Products
CVE-2022-46823

9.3CRITICAL

Key Information:

Vendor: Siemens
Status: Mendix Saml (mendix 8 Compatible); Mendix Saml (mendix 9 Compatible, New Track); Mendix Saml (mendix 9 Compatible, Upgrade Track)
Vendor: CVE Published:; 10 January 2023

What is CVE-2022-46823?

A reflected cross-site scripting vulnerability has been detected in specific versions of the Mendix SAML module. This vulnerability allows attackers to potentially extract sensitive user data by deceiving users into clicking malicious links. The affected versions of Mendix SAML include several iterations compatible with Mendix 8 and 9, making it crucial for users to update their software to mitigate the risks associated with this exploit.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Mendix SAML (Mendix 8 compatible) All versions >= V2.3.0 < V2.3.4

Mendix SAML (Mendix 9 compatible, New Track) All versions >= V3.3.0 < V3.3.9

Mendix SAML (Mendix 9 compatible, Upgrade Track) All versions >= V3.3.0 < V3.3.8

References

https://cert-portal.siemens.com/productcert/pdf/ssa-49660...

CVSS V3.1

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 10, 2023
Vulnerability Reserved
Dec 8, 2022

JSON

Siemens

What is CVE-2022-46823?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.