Critical Vulnerability in PayPal
Thank you for the notification regarding the vulnerable button implementations on merchant sites. At this time, we are actively investigating the noted issues within our customers implementations. All issues will be handled professionally and quickly. Again we appreciate you bringing this to our attention.
PayPal Site Security
Google lists a whopping 1,390,000 results. So this number of sites are at risk & easy to be exploited. The internet is flooding with this vulnerability & it’s exploit, but the biggest question is that the PayPal, which is considered the most secure payment service doesn’t get attention till now about this theft.
This vulnerability and post has been submitted by Farhan Ghumra , a computer engineer student from Rajkot, India.
This blog-post is provided to you as-is basis. The opinions expressed in this post are not those of website/blog owner, Rishi Narang or any other author except the one explicitly mentioned in this blog-post. While this weblog makes every effort to ensure that the contents within are accurate and complete, this weblog makes no representation or warranty, whether express or implied, as to the operation, integrity, availability or functionality of this weblog or as to the accuracy, completeness or reliability of any information on this weblog. Any person who accesses this weblog or relies on the information contained in this weblog does so at their own risk. All data and information provided on this weblog is for informational purposes only.
[*] This bypass technique is already in the wild, and people have written blogs and have shared videos on it. It may not be the first discovery here, but as per the author Farhan, he shares & quotes this discovery as his own research, a little late in time though!