CVE-2025-40834

CVSS v3.1

5.7

Vector

AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mendix RichText versions 4.0.0 through 4.6.0

Description The Mendix RichText widget does not properly neutralize input, which could allow an attacker to execute cross-site scripting attacks.

Recommendations Update to version 4.6.1 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

CVE-2025-40834

Mendix Richtext