October, 2010

Paypal Sender Country XSS

Paypal Sender Country XSS

A new XSS vulnerability was identified on Paypal.com earlier today, found by d3v1l and disclosed on both Security-Shell and XSSed. The problem is with the parameter sender_country in a transaction called nvpsm. NVP is Paypal‚Äôs API for Merchants to use when interacting with the Paypal web site, it stands for Name-Value Pair. SM is short […]

Read More →

Read More →

Top