Eastnets PaymentSafe BIC Search cross site scripting

A vulnerability was found in Eastnets PaymentSafe 2.5.26.0. It has been classified as problematic. This affects an unknown part of the component BIC Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 2.5.27.0 is able to address this issue.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Eastnets PaymentSafe 代码注入漏洞

Eastnets PaymentSafe是阿联酋Eastnets公司的一款快速的gpi付款筛选解决方案，可实时检测和预防欺诈行为。 Eastnets PaymentSafe 2.5.26.0版本存在代码注入漏洞，该漏洞源于组件BIC Search会导致跨站脚本攻击。

N/A

N/A