A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1). In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2022-03-08T11:31:34

Updated: 2024-08-03T05:03:31.844Z

Reserved: 2022-02-28T00:00:00

Link: CVE-2022-26313

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-03-08T12:15:11.777

Modified: 2024-11-21T06:53:44.287

Link: CVE-2022-26313

cve-icon Redhat

No data.