CSRF Vulnerability Fixed in PayPal Bug

    0
    1930

    Florian Courtial, a french software engineer, recently discovered a bug in PayPal.Me which allows the unauthorized changing of a users’ profile picture. Victims would have to visit a malicious site that executes the code to change the user’s profile. While the profile picture is the extent of what can be changed without permission, it could still be an embarrassing moment for Paypal’s users. Read more at Threat Post.

    Image via Threatpost
    Image via Threatpost