CVE-2021-25672

EPSS 0.9%CWE-284

A vulnerability has been identified in Mendix Forgot Password Appstore module (All Versions < V3.2.1). The Forgot Password Marketplace module does not properly control access. An attacker could take over accounts.

Affected products

Siemens · Mendix Forgot Password Appstore module

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cert-portal.siemens.com/productcert/pdf/ssa-917115.pdf