Vulnerabilities > Openwaygroup

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-11	CVE-2021-35059	Cross-site Scripting vulnerability in Openwaygroup Way4 OpenWay WAY4 ACS before 1.2.278-2693 allows XSS via the /way4acs/enroll action parameter. network low complexity openwaygroup CWE-79	6.1
2021-10-11	CVE-2021-35060	Information Exposure Through an Error Message vulnerability in Openwaygroup Way4 /way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to leverage response differences to discover whether a specific payment card number is stored in the system. network low complexity openwaygroup CWE-209	5.3

Vulnerabilities > Openwaygroup {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Openwaygroup"}]}