Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in Mendix Applications using Mendix 8 (All versions < V8.18.13), Mendix Applications using Mendix 9 (All versions < V9.6.2). Applications built with affected versions of Mendix Studio Pro do not properly control write access for certain client actions. This could allow authenticated attackers to manipulate the content of System.FileDocument objects in some cases, regardless whether they have write access to it.
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
Siemens Mendix 安全漏洞
Vulnerability Description
Siemens Mendix是德国西门子(Siemens)公司的一套低代码应用程序开发平台。该平台提供应用程序开发、测试、部署和迭代等功能。 Siemens Mendix 存在安全漏洞,该漏洞源于使用受影响的Mendix Studio Pro版本构建的应用程序不能正确地控制某些客户端操作的写访问。这可能允许经过身份验证的攻击者可利用该漏洞操纵System的内容。FileDocument对象在某些情况下,不管它们是否具有对它的写访问权。
CVSS Information
N/A
Vulnerability Type
N/A