CVE-2022-26313

A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1). In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt