7.9 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.9%
The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system.
exchange.xforce.ibmcloud.com/vulnerabilities/92099
labs.mwrinfosecurity.com/advisories/paypal-remote-code-execution/