A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28415).
References
Link | Resource |
---|---|
https://compassplus.com/solutions/tranzware/ | Product |
https://github.com/jet-pentest/CVE-2020-28414/blob/main/README.md | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-11-12T19:39:14
Updated: 2020-11-12T19:39:14
Reserved: 2020-11-10T00:00:00
Link: CVE-2020-28414
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-11-12T20:15:26.267
Modified: 2020-11-17T15:43:02.947
Link: CVE-2020-28414
JSON object: View
Redhat Information
No data.
CWE