CVE-2024-25285

Опубликовано: 09 окт. 2024

Источник: nvd

Описание

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

Связанные уязвимости

GHSA-ggm3-qx64-63ch

CVSS3: 6.1

github

больше 1 года назад

3DSecure 2.0 allows form action hijacking via threeDsMethod.jsp?threeDSMethodData= or the threeDSMethodNotificationURL parameter. The destination web site for a form submission can be modified.