5 matches found
EUVD-2013-6985
Malware in sbrugna...
Information disclosure
WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information...
Information disclosure
The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system...
CVE-2013-7202
The CVE-2013-7202 entry describes a vulnerability in PayPal’s Android app, affecting the WebHybridClient class in PayPal 5.3 and earlier. The issue allows remote attackers to execute arbitrary JavaScript on the target system. The connected documents confirm the affected component (WebHybridClient...
PayPal for Android SSL证书校验安全漏洞
CVE ID:CVE-2013-7201 PayPal for Android是一款用于安卓的paypal支付应用。 PayPal for Android WebHybridClient类不正确校验服务器SSL证书,允许攻击者利用漏洞伪造HTTPS链接,进行中间人等攻击。 0 PayPal for Android 5.3 目前没有详细解决方案提供: https://play.google.com/store/apps/details?id=com.paypal.android.p2pmobile&hl=en...