2 matches found
CVE-2024-25283
The CVE-2024-25283 entry concerns 3DSecure 2.0, specifically the 3DS Authorization Challenge. A reflected Cross‑Site Scripting (XSS) vulnerability exists in the /rest/online endpoint where the modified params parameter in a /redirect?action=challenge&txn=… URL is not sanitized, enabling injection...
CVE-2024-25283
...