Security researchers at vulnerability-lab.com have found a filter bypass vulnerability in the PayPal application that allows an attacker to inject payloads.
Exploitation of the persistent web vulnerability requires a low-privileged PayPal application user account and only low user interaction.
Successful exploitation results in persistent session hijacking, persistent phishing, persistent external redirects, and persistent manipulation of the affected or connected module web context.
According to the report, once the attacker has gained access, the following becomes possible:
A remote attacker is able to create multiple customer orders with injected payloads. When the admin merchant account user logs in and checks the PayPal Multi Online Shipping Orders, the exploit gets triggered.
Proof of Concept (PoC):