Persistent Flaws In PayPal Allow Cybercriminals To Hijack User Sessions And More

October 02, 2012 By Ali Loney

1 minute read time

Softpedia – (International) Persistent flaws in PayPal allow cybercriminals to hijack user sessions and more. Multiple Web vulnerabilities have been identified by Vulnerability Lab researchers on the official PayPal Web site, Softpedia reported October 2. The high-severity security holes could have been exploited by a remote attacker against Pro, seller, or regular customer accounts. A persistent input validation vulnerability is detected in the official Paypal e-commerce website content management system (Customer/Pro/Seller). The bugs allow remote attackers to implement/inject malicious script code on the application side (persistent) of the paypal web service - page 5

Source: http://news.softpedia.com/news/Persistent-Flaws-in-PayPal-Allow-Cybercriminals-to-Hijack-User-Sessions-and-More-296107.shtml

Tags: component vulnerabilities, AppSec Spotlight

Written by Ali Loney

Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.