`Hi People
Found a XSS on german Paypal website last week and reported it exactly 7
days ago.
Their response was one we very well know
Another researcher already discovered the bug.
So, someone else found the Vulnerability before me and reported it.
Fine, looks like I was too slow. I can live with that.
Now, i received an answer exactly 7 Days ago. That means they had more than
a week to fix this
https://www.paypal.de/Einkaufswelt/H%C3%A4ndlerverzeichnis/?c=" ||
alert('XSS') || "
All they'd have to do is escape quotation marks or remove them since
they're not used anyways.
The Approximate time that takes is ~15 Seconds.
I am amazed by how long it takes some huge companys to close holes in their
websites
______________________________________________________
Samuel Alp
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation