cve/2020/CVE-2020-28414.md

CVE-2020-28414

Description

A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28415).

POC

Reference

No PoCs from references.

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/hectorgie/PoC-in-GitHub
• https://github.com/jet-pentest/CVE-2020-28414
• https://github.com/jet-pentest/CVE-2020-28415
• https://github.com/nomi-sec/PoC-in-GitHub