cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-43623,https://securityvulnerability.io/vulnerability/CVE-2023-43623,User Enumeration Vulnerability in Mendix Forgot Password Modules,"A security issue has been discovered in the Mendix Forgot Password modules across multiple compatible versions, where applications allow for user enumeration due to distinguishable responses. This vulnerability can be exploited by unauthenticated remote attackers, enabling them to ascertain the validity of a username. Once valid users are identified, the attackers can leverage this information to execute brute force attacks, further compromising user accounts and potentially gaining unauthorized access.",Siemens,"Mendix Forgot Password (mendix 10 Compatible),Mendix Forgot Password (mendix 7 Compatible),Mendix Forgot Password (mendix 8 Compatible),Mendix Forgot Password (mendix 9 Compatible)",5.3,MEDIUM,0.0004799999878741801,false,,false,false,false,,false,false,2023-10-10T11:15:00.000Z,0
CVE-2023-27464,https://securityvulnerability.io/vulnerability/CVE-2023-27464,Information Disclosure Vulnerability in Mendix Forgot Password Module,"A vulnerability exists in the Forgot Password module for various Mendix versions which may allow attackers to exploit an observable response discrepancy. This issue could facilitate the unauthorized retrieval of sensitive information from the application, posing a significant risk to user data and privacy. Users are advised to update to the latest versions to mitigate potential security risks.",Siemens,"Mendix Forgot Password (Mendix 7 compatible),Mendix Forgot Password (Mendix 8 compatible),Mendix Forgot Password (Mendix 9 compatible)",5.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,2023-04-11T10:15:00.000Z,0
CVE-2022-26314,https://securityvulnerability.io/vulnerability/CVE-2022-26314,,"A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1), Mendix Forgot Password Appstore module (Mendix 7 compatible) (All versions < V3.2.2). Initial passwords are generated in an insecure manner. This could allow an unauthenticated remote attacker to efficiently brute force passwords in specific situations.",Siemens,"Mendix Forgot Password Appstore Module,Mendix Forgot Password Appstore Module (mendix 7 Compatible)",9.8,CRITICAL,0.004749999847263098,false,,false,false,false,,false,false,2022-03-08T11:31:36.000Z,0