9 matches found
CVE-2023-23941
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...
CVE-2023-23941
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...
Design/Logic Flaw
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...
CVE-2023-23941
SwagPayPal (Shopware) vulnerable to a mismatch between the amount/item list sent to PayPal and the actual created order when using JavaScript-based PayPal checkout methods (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, credit card). Root cause: inconsistent data sent to PayPal durin...
CVE-2023-23941 SwagPayPal payment not sent to PayPal correctly
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...
CVE-2023-23941 SwagPayPal payment not sent to PayPal correctly
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...
CVE-2023-23941 SwagPayPal payment not sent to PayPal correctly
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...
SwagPayPal 数据伪造问题漏洞
SwagPayPal is an open source PayPal integration for Shopware, a store software/platform. SwagPayPal suffers from a data forgery issue vulnerability that stems from the fact that the list of amounts and items sent to PayPal may not match those in the created order...
PT-2023-19312 · Unknown · Swagpaypal +1
Name of the Vulnerable Software and Affected Versions: SwagPayPal versions prior to 5.4.4 Description: The issue affects JavaScript-based PayPal checkout methods, including PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, and Credit card. When these methods are used, the amount and ite...