{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T00:29:12.808","vulnerabilities":[{"cve":{"id":"CVE-2022-46823","sourceIdentifier":"productcert@siemens.com","published":"2023-01-10T12:15:23.753","lastModified":"2024-11-21T07:31:07.160","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.3.4), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= V3.3.0 < V3.3.9), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.8). The affected module is vulnerable to reflected cross-site scripting (XSS) attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a malicious link."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en Mendix SAML (compatible con Mendix 8) (Todas las versiones >= V2.3.0 < V2.3.4), Mendix SAML (compatible con Mendix 9, New Track) (Todas las versiones >= V3.3.0 < V3.3.9), Mendix SAML (compatible con Mendix 9, Upgrade Track) (Todas las versiones >= V3.3.0 < V3.3.8). El módulo afectado es vulnerable a ataques de cross-site scripting (XSS) reflejado. Esto podría permitir a un atacante extraer información confidencial engañando a los usuarios para que accedan a un enlace malicioso."}],"metrics":{"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mendix:saml:*:*:*:*:*:*:*:*","versionStartIncluding":"2.3.0","versionEndExcluding":"2.3.4","matchCriteriaId":"FA388A2C-406A-4911-96EC-ACB1574B83AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:mendix:saml:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3.0","versionEndExcluding":"3.3.9","matchCriteriaId":"506D83D7-350A-4586-83AE-93E56C61C5FE"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-496604.pdf","source":"productcert@siemens.com","tags":["Patch","Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-496604.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}