CVE-2024-25283

Опубликовано: 09 окт. 2024

Источник: nvd

Описание

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

Связанные уязвимости

GHSA-hr5m-r6hv-j389

CVSS3: 5.4

github

больше 1 года назад

3DSecure 2.0 allows reflected XSS in the 3DS Authorization Challenge via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn= substring.