CVE-2017-6099

2017-02-2321:00:00

mitre

www.cve.org

0.001 Low

EPSS

Percentile

47.4%

JSON

Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter.

References

www.securityfocus.com/bid/96432

github.com/paypal/merchant-sdk-php/issues/129

0.001 Low

EPSS

Percentile

47.4%

JSON

Related for CVELIST:CVE-2017-6099