Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
No reference.
Tue, 22 Oct 2024 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-79 | |
| References |
|
|
| Metrics |
cvssV3_1
|
Tue, 22 Oct 2024 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | ||
| Vendors & Products |
3dsecure
3dsecure 3dsecure |
|
| Metrics |
ssvc
|
Tue, 22 Oct 2024 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | 3DSecure 2.0 allows form action hijacking via threeDsMethod.jsp?threeDSMethodData= or the threeDSMethodNotificationURL parameter. The destination web site for a form submission can be modified. | DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. |
Wed, 09 Oct 2024 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
3dsecure
3dsecure 3dsecure |
|
| Weaknesses | CWE-79 | |
| CPEs | cpe:2.3:a:3dsecure:3dsecure:2.0:*:*:*:*:*:*:* | |
| Vendors & Products |
3dsecure
3dsecure 3dsecure |
|
| Metrics |
cvssV3_1
|
Wed, 09 Oct 2024 03:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | 3DSecure 2.0 allows form action hijacking via threeDsMethod.jsp?threeDSMethodData= or the threeDSMethodNotificationURL parameter. The destination web site for a form submission can be modified. | |
| References |
|
Subscriptions
No data.
Status: REJECTED
Assigner: mitre
Published:
Updated: 2024-10-22T20:56:47.653Z
Reserved: 2024-02-07T00:00:00.000Z
Link: CVE-2024-25285
Updated:
Status : Rejected
Published: 2024-10-09T04:15:07.700
Modified: 2024-10-22T21:15:06.350
Link: CVE-2024-25285
No data.
OpenCVE Enrichment
No data.
No weakness.