Malicious code in down_load_ebook_buy_now_pay_later_by_james_eyers_jonathan_shapiro_zsicv (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2149 Malicious code in down_load_ebook_buy_now_pay_later_by_james_eyers_jonathan_shapiro_zsicv (npm)

--- -= Per source details. Do not edit below this line.=-...

Design/Logic Flaw

SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...

CVE-2023-23941 SwagPayPal payment not sent to PayPal correctly

SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...

CVE-2023-23941

SwagPayPal (Shopware) vulnerable to a mismatch between the amount/item list sent to PayPal and the actual created order when using JavaScript-based PayPal checkout methods (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, credit card). Root cause: inconsistent data sent to PayPal durin...

ATO Attacks Targeting Financial Services Increased 58 Percent in May. Who Else Needs to Worry?

Account takeover ATO is a form of identity theft that cyber criminals use to get unauthorized access to the accounts of legitimate users through some kind of brute force method such as Credential Stuffing. In 2022, account takeover attacks are on the rise. In June for example, Imperva’s Threat...