Home
Description
CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to bypass payment authorization by disabling Bluetooth at a specific point during a transaction. This could result in unauthorized use of laundry services and potential financial loss.
References
www.cscsw.com/disclosure-process/
github.com/...C-Pay-Mobile-App-Payment-Authentication-Bypass