GHSA-f5vf-w827-3pgv

Опубликовано: 09 окт. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

3DSecure 2.0 allows reflected XSS in the 3DS Authorization Method via the threeDsMethod.jsp threeDSMethodData parameter.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2024-25284
https://pagosonline.redsys.es/funcionalidades-autenticacion3DS.html
https://seclists.org/fulldisclosure/2024/Sep/29

5.4 Medium

CVSS3

CVE ID

CVE-2024-25284

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-25284

nvd

больше 1 года назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

5.4 Medium

CVSS3

CVE ID

CVE-2024-25284

Дефекты

CWE-79