Detail

Credit Card Disclosure

Severity: Information

Summary #

Invicti identified a possible credit card number disclosure.

Impact #
It is not mandatory for a merchant to require the security code for making a transaction, hence the card is still prone to fraud even if only its number is known to phishers.
Remediation #
We strongly advise you not to expose credit card numbers on your website.
Classifications #
PCI v3.1-6.5.3; PCI v3.2-6.5.3; CAPEC-118; CWE-213; ISO27001-A.18.1.4; WASC-13; OWASP PC-C7; OWASP 2013-A6; OWASP 2017-A3
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Select Category

OR

Search Vulnerability

Tags

OWASP 2013-A6  OWASP 2017-A3 

Related Vulnerabilities

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo

Invicti Security Corp
220 Industrial Blvd Ste 102
Austin, TX 78745

© Invicti 2022

RESOURCES

USE CASES

WEB SECURITY

COMPANY

© Invicti 2022

SSA Privacy Policy California Privacy Rights Terms of Use Accessibility Sitemap