← Back to CVE List

CVE-2022-31257

Published: 2022-07-12T10:15Z
Last Modified: 2024-11-21T07:04Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.14.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.2), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). In case of access to an active user session in an application that is built with an affected version, it’s possible to change that user’s password bypassing password validations within a Mendix application. This could allow to set weak passwords. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt