2 matches found
CVE-2020-28415
CVE-2020-28415 describes a reflected cross-site scripting (XSS) vulnerability in TranzWare Payment Gateway 3.1.12.3.2. Multiple connected sources (e.g., CNVD entries) indicate an attack vector where a crafted URL can cause the application to output arbitrary HTML, enabling an attacker to potentia...
CVE-2020-28414
CVE-2020-28414 describes a reflected XSS in Compassplus TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker can trigger arbitrary HTML code via a crafted URL, as per the NVD entry. Connected records also associate a related CVE-2020-28415. The root cause and exact exploit deta...