Skip to content

v6.2.6 - Fix Apple Pay processing #105

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
paeddl merged 1 commit into from
Nov 26, 2024
Merged

v6.2.6 - Fix Apple Pay processing #105

paeddl merged 1 commit into from
Nov 26, 2024

Conversation

@paeddl
Copy link
Contributor

@paeddl paeddl commented Nov 26, 2024

Fix Apple Pay processing

@paeddl paeddl merged commit d7f5212 into SW6.6 Nov 26, 2024
1 check passed
@github-actions
Copy link

github-actions bot commented Nov 26, 2024

Logo
Checkmarx One – Scan Summary & Details8b34441e-a448-4a39-bfc7-60f4438b059e

New Issues

Severity Issue Source File / Package Checkmarx Insight
CRITICAL Stored_XSS /vendor/unzerdev/php-sdk/test/Fixtures/JsonProvider.php: 24 Attack Vector
HIGH Client_DOM_Stored_XSS /vendor/unzerdev/php-sdk/examples/Applepay/index.php: 172 Attack Vector
HIGH Client_DOM_Stored_XSS /vendor/unzerdev/php-sdk/examples/Applepay/index.php: 151 Attack Vector
MEDIUM Broken_or_Risky_Hashing_Function /src/Components/AddressHashGenerator/AddressHashGenerator.php: 34 Attack Vector
MEDIUM Missing_HSTS_Header /vendor/autoload.php: 7 Attack Vector
MEDIUM Missing_HSTS_Header /vendor/unzerdev/php-sdk/examples/Googlepay/index.php: 144 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Services/PaymentService.php: 90 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/examples/PaylaterInstallment/Controller.php: 105 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/examples/PaylaterDirectDebit/Controller.php: 100 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/examples/PaylaterInvoice/Controller.php: 80 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/examples/PayPal/Controller.php: 80 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Unzer.php: 684 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Services/PaymentService.php: 138 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Services/PaymentService.php: 133 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Unzer.php: 679 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Unzer.php: 679 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Unzer.php: 679 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Services/PaymentService.php: 138 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Services/PaymentService.php: 133 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Services/PaymentService.php: 138 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Services/PaymentService.php: 133 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/src/Unzer.php: 679 Attack Vector
MEDIUM Privacy_Violation /vendor/unzerdev/php-sdk/examples/PayPal/Controller.php: 80 Attack Vector
MEDIUM SSRF /vendor/unzerdev/php-sdk/examples/Backend/UpdateTransactionController.php: 43 Attack Vector
MEDIUM SSRF /vendor/unzerdev/php-sdk/examples/Backend/UpdateTransactionController.php: 44 Attack Vector
MEDIUM SSRF /vendor/unzerdev/php-sdk/examples/PayPalRecurring/Controller.php: 39 Attack Vector
MEDIUM SSRF /vendor/unzerdev/php-sdk/examples/PaylaterInstallment/Controller.php: 52 Attack Vector
MEDIUM SSRF /vendor/unzerdev/php-sdk/examples/PaylaterDirectDebit/Controller.php: 47 Attack Vector
MEDIUM SSRF /vendor/unzerdev/php-sdk/examples/PaylaterInvoice/Controller.php: 46 Attack Vector
MEDIUM SSRF /vendor/unzerdev/php-sdk/examples/PayPal/Controller.php: 46 Attack Vector
MEDIUM SSRF /vendor/unzerdev/php-sdk/examples/InstallmentSecured/Controller.php: 44 Attack Vector
MEDIUM SSRF /vendor/unzerdev/php-sdk/examples/CardRecurring/Controller.php: 41 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Googlepay/Controller.php: 23 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Googlepay/Controller.php: 23 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Alipay/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Applepay/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Applepay/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Applepay/merchantvalidation.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Applepay/merchantvalidation.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Bancontact/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/BankTransfer/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Card/Controller.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Card/Controller.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/CardExtended/Controller.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/CardExtended/Controller.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/CardRecurring/Controller.php: 23 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/CardRecurring/RecurringPaymentController.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/CardRecurring/ReturnController.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/EmbeddedPayPage/Controller.php: 30 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/EmbeddedPayPage/Controller.php: 30 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/EPSCharge/Controller.php: 24 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Giropay/Controller.php: 24 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/HostedPayPage/Controller.php: 29 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/HostedPayPage/Controller.php: 29 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/IDeal/Controller.php: 24 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/InstallmentSecured/confirm.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/InstallmentSecured/Controller.php: 26 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/InstallmentSecured/Controller.php: 26 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/InstallmentSecured/PlaceOrderController.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Invoice/Controller.php: 23 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/InvoiceSecured/Controller.php: 26 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Klarna/Controller.php: 29 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Klarna/Controller.php: 29 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Klarna/Controller.php: 29 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PaylaterDirectDebit/Controller.php: 28 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PaylaterDirectDebit/Controller.php: 28 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PaylaterInstallment/Controller.php: 29 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PaylaterInstallment/Controller.php: 29 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PaylaterInvoice/Controller.php: 27 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PaylaterInvoice/Controller.php: 27 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PayPal/Controller.php: 25 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PayPal/Controller.php: 25 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PayPalRecurring/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PayPalRecurring/ReturnController.php: 22 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PayU/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PostFinanceCard/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/PostFinanceEfinance/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Prepayment/Controller.php: 23 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Przelewy24/Controller.php: 24 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/ReturnController.php: 38 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/SepaDirectDebitSecured/Controller.php: 23 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Sofort/Controller.php: 21 Attack Vector
MEDIUM Session_Fixation /vendor/unzerdev/php-sdk/examples/Wechatpay/Controller.php: 23 Attack Vector
LOW Client_Hardcoded_Domain /src/Resources/app/storefront/src/unzer/unzer-payment.google-pay.plugin.js: 127 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Googlepay/index.php: 26 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Googlepay/index.php: 20 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Success.php: 29 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Backend/ManagePayment.php: 34 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Backend/ManagePayment.php: 31 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Backend/ManagePayment.php: 29 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Backend/Failure.php: 20 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Backend/Failure.php: 18 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Pending.php: 15 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Pending.php: 17 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Success.php: 31 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Failure.php: 17 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Failure.php: 15 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Googlepay/index.php: 25 Attack Vector
LOW Client_Hardcoded_Domain /src/Resources/app/storefront/src/unzer/unzer-payment.apple-pay.plugin.js: 74 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Sofort/index.php: 22 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Sofort/index.php: 27 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Webhooks/fetchAll.php: 45 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Webhooks/fetchAll.php: 49 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Webhooks/index.php: 52 Attack Vector
LOW Client_Hardcoded_Domain /vendor/unzerdev/php-sdk/examples/Webhooks/index.php: 56 Attack Vector
LOW

More results are available on AST platform

@paeddl paeddl deleted the v6.2.6 branch November 26, 2024 08:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@paeddl