<p>The Mendix OIDC SSO module grants read and write access to all tokens
exclusively to the Administrator role and could result in privilege
misuse by an adversary modifying the module during Mendix
development.</p>
<p>Siemens has released new versions for several affected products and
recommends to update to the latest versions. Siemens is preparing
further fix versions and recommends specific countermeasures for
products where fixes are not, or not yet available.</p>
Source link
