Mendix: >> Excel Importer >> 5.19.0 Security Vulnerabilities
A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). The affected component is vulnerable to XML Entity Expansion Injection. An attacker may use this to compromise the availability of the affected component.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-07-12
A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-05-12