Non-Persistent Cross-Site Scripting in Multiple Payment Terminals from Various Vendors

CVE-2021-47885

What is CVE-2021-47885?

Multiple payment terminal versions have been found to be susceptible to non-persistent cross-site scripting (XSS) vulnerabilities, specifically within the billing and payment information input fields. This vulnerability allows attackers to inject malicious scripts through vulnerable parameters. If successfully exploited, it can result in manipulation of client-side requests, potentially leading to session hijacking or phishing attacks targeting users. It is crucial for users and administrators of these payment terminals to apply security patches and updates to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References