What the vulnerability does
01Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India payu-india allows Authentication Abuse.This issue affects PayU India: from n/a through < 3.8.8.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India payu-india allows Authentication Abuse.This issue affects PayU India: from n/a through < 3.8.8.
Explanation of Vulnerability in Simple Terms
PayU India versions 3.8.8 and earlier contain an authentication bypass vulnerability. An attacker can gain unauthorized access to the payment system without valid credentials. The vulnerability affects confidentiality, integrity, and availability of the service. Organizations using affected versions should update immediately.
What an attacker can do
Gain unauthorized access to the PayU payment system without valid credentials.
Potential impact on your site
Attackers can read, modify, or disrupt payment data and transactions on your site.
Conditions required to exploit
Network access to the PayU India service; no authentication or user interaction required.
Key dates
External resources