Описание
A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28415).
Ссылки
- Product
- Third Party Advisory
- Product
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:tranzware_payment_gateway_project:tranzware_payment_gateway:3.1.12.3.2:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01018
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28415).
EPSS
Процентиль: 77%
0.01018
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79