Improper input validation in Firstdata Linkpoint
CVE-2012-5808
The LinkPoint module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL serve…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.006 (42.4th percentile) — read the EPSS interpretation.
Affected products
- Firstdata Linkpoint
- Zen-cart Zen_cart
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (Exploit, x_refsource_MISC)