VYPR

Packagist (Composer) package

cardgate/magento2

pkg:composer/cardgate/magento2

Vulnerabilities (1)

  • CVE-2020-8818Feb 25, 2020
    affected < 2.0.33fixed 2.0.33

    An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key,