Cross-site Scripting (XSS)

2017-05-2307:56:35

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

31.3%

JSON

heartland-php is vulnerable to reflected cross-site scripting (XSS) attacks. These attacks are possible because the parameters are not filtered before being used in the code.

CPENameOperatorVersion
hps/heartland-phple2.8.17

CPE	Name	Operator	Version
	hps/heartland-php	le	2.8.17

References

github.com/hps/heartland-php/issues/28

github.com/jgj212

0.001 Low

EPSS

Percentile

31.3%

JSON

Related for VERACODE:4283