Vulnerabilities > CVE-2004-1209 - Remote Security vulnerability in Payflow Link
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Verisign Payflow Link, when running with empty Accepted URL fields, does not properly verify the data in the hidden AMOUNT field, which allows remote attackers to modify the price of the items that they purchase.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |