← Back

Openwaygroup

openwaygroup

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Way4
way4
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-35060
1Openwaygroup
1Way4
Jun 17, 2026
Oct 11, 2021
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to leverage response differences to discover whether a specific payment card number is stored in the system.
CVE-2021-35059
1Openwaygroup
1Way4
Jun 17, 2026
Oct 11, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
OpenWay WAY4 ACS before 1.2.278-2693 allows XSS via the /way4acs/enroll action parameter.