CVE-2018-19187

The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt