DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

References

No reference.

History

Tue, 22 Oct 2024 21:30:00 +0000


Tue, 22 Oct 2024 21:00:00 +0000

Type Values Removed Values Added
Description 3DSecure 2.0 allows reflected XSS in the 3DS Authorization Method via the threeDsMethod.jsp threeDSMethodData parameter. DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

Wed, 09 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared 3dsecure
3dsecure 3dsecure
Weaknesses CWE-79
CPEs cpe:2.3:a:3dsecure:3dsecure:2.0:*:*:*:*:*:*:*
Vendors & Products 3dsecure
3dsecure 3dsecure
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 09 Oct 2024 03:45:00 +0000

Type Values Removed Values Added
Description 3DSecure 2.0 allows reflected XSS in the 3DS Authorization Method via the threeDsMethod.jsp threeDSMethodData parameter.
References

cve-icon MITRE

Status: REJECTED

Assigner: mitre

Published:

Updated: 2024-10-22T20:56:09.374855

Reserved: 2024-02-07T00:00:00

Link: CVE-2024-25284

cve-icon Vulnrichment

Updated: 2024-10-09T04:03:20.290Z

cve-icon NVD

Status : Rejected

Published: 2024-10-09T04:15:07.597

Modified: 2024-10-22T21:15:06.243

Link: CVE-2024-25284

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.