Cybersecurity experts from vulnerability-lab.com have found a filter bypass vulnerability in the PayPal application that allows an attacker to insert payloads.
Exploitation of the persistent web vulnerability requires a low-privileged PayPal application user account and only low user interaction.
Successful exploitation of the vulnerability results in persistent session hijacking, persistent phishing, persistent external redirects, and persistent manipulation of affected or connected module web context.
According to the report, once the attacker has gained access, the following is possible:
A remote attacker is able to create multiple customer orders with injected payloads. When the admin merchant account user logs in and checks the PayPal Multi Online Shipping Orders, the exploit gets triggered.
Proof of Concept (PoC):
The filter bypass and persistent validation web vulnerability can be reproduced by remote attackers with a low-privileged application user account and low user interaction. For security demonstration or to reproduce the vulnerability, follow the provided information and steps below to continue.
Note: You need two accounts to produce this PoC: #1, the Main Business Account, and #2, the second low-privileged user with limited access to only the PayPal Multi Online Shipping Module.
Multi User Accounts: PoC