Archive for October, 2010

Paypal Sender Country XSS

Paypal Sender Country XSS

A new XSS vulnerability was identified on Paypal.com earlier today, found by d3v1l and disclosed on both Security-Shell and XSSed. The problem is with the parameter sender_country in a transaction called nvpsm.