CVE-2024-25283 – RedSys – Multiple reflected Cross-Site Scripting (XSS) vulnerabilities exist in the 3DS Authorization Challenge of 3DSecure 2.0 –

by · September 11, 2024

– [[{“value”:”

Posted by RUBEN LOPEZ HERRERA on Sep 11

Product: 3DSecure 2.0
Manufacturer: Redsys
Affected Version(s): 3DSecure 2.0 3DS Authorization Challenge
Tested Version(s): 3DSecure 2.0 3DS Authorization Challenge
Vulnerability Type: Cross-Site Scripting (XSS)
Risk Level: Medium
Solution Status: Not yet fixed
Manufacturer Notification: 2024-01-17
Solution Date: N/A
Public Disclosure: 2024-09-17
CVE Reference: CVE-2024-25283

Overview:
Multiple reflected Cross-Site Scripting (XSS)…
“}]] – Read More – Full Disclosure

CVE-2024-25283 – RedSys – Multiple reflected Cross-Site Scripting (XSS) vulnerabilities exist in the 3DS Authorization Challenge of 3DSecure 2.0 –

Recent Posts