VYPR
Vendor

OpenWay

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2021-35059MedOct 11, 2021
    risk 0.40cvss 6.1epss 0.01

    OpenWay WAY4 ACS before 1.2.278-2693 allows XSS via the /way4acs/enroll action parameter.

  • CVE-2021-35060MedOct 11, 2021
    risk 0.35cvss 5.3epss 0.01

    /way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to leverage response differences to discover whether a specific payment card number is stored in the system.