← Back

Authorize.net

authorize.net

Vendor: Harald Ponce De Leon • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-5793
2Harald Ponce De Leon
Oscommerce
2Authorize.net
Oscommerce
Apr 29, 2026
Nov 4, 2012
N/A· v4
N/A· v3
5.8 MEDIUM· v2
The Authorize.Net module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle att...Show more
The Authorize.Net module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.Show less