Saturday, August 22, 2015

XSS in Paypal (Bug Bounty)

I have found an XSS Vulnerability in Paypal. It is located on their main site (https://www.paypal.com/). Unfortunately my report was Duplicate, another researcher already found the bug. Anyway, here is the POC:

  


Duplicate:




Timeline:

June 1 ------ Bug found

June 3 ------ Confirmed the vulnerability, gave me a case number.

June 5 ------ Said it was duplicate :( 


Thats all. Thanks. 

No comments:

Post a Comment