A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 < V9.15), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.3). An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running applications. The vulnerability could allow a malicious user to leak sensitive information in a certain configuration.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NMendix
APPMendix9.11.0 – 9.15.0 (bez)
Related vulnerabilities
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Ap...
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Ap...
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Ap...
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.16.0 only if the basic authentic...
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.34), Mendix Ap...