CVE-2024-25282

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

22 Oct 2024, 21:15

Type	Values Removed	Values Added
CWE	~~CWE-79~~
CVSS	v2 : ~~unknown~~ v3 : ~~5.4~~	v2 : unknown v3 : unknown
References	~~{'url': 'https://pagosonline.redsys.es/funcionalidades-autenticacion3DS.html', 'source': 'cve@mitre.org'}~~ ~~{'url': 'https://seclists.org/fulldisclosure/2024/Sep/27', 'source': 'cve@mitre.org'}~~
Summary	~~(es) 3DSecure 2.0 permite XSS en su autenticación 3DSMethod a través de un parámetro params modificado en una solicitud /rest/online con una subcadena /redirect?action=challenge&txn=.~~
Summary	~~(en) 3DSecure 2.0 allows XSS in its 3DSMethod Authentication via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn= substring.~~	(en) Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

09 Oct 2024, 15:35

Type	Values Removed	Values Added
CWE		CWE-79
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.4
Summary		(es) 3DSecure 2.0 permite XSS en su autenticación 3DSMethod a través de un parámetro params modificado en una solicitud /rest/online con una subcadena /redirect?action=challenge&txn=.

09 Oct 2024, 04:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-09 04:15

Updated : 2024-10-22 21:15

NVD link : CVE-2024-25282

Mitre link : CVE-2024-25282

CVE.ORG link : CVE-2024-25282

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2024-25282

Attach tags to `CVE-2024-25282`