Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PayPal.com XSS Vulnerability

From: Terrence <secretpackets () gmail com>
Date: Tue, 28 May 2013 11:48:59 -0400
Robert,

Paypal is actually a cool company and im sure they are not worried about
stiffing you on the money that is deserved from the bounty.
Dan actually had some cool words to say about the situation. The XSS is not
extremely complicated but it is good that you found it. Did they fix the
issue before you disclosed it?

T

--
tuna
65617420646120706f6f20706f6f


On Tue, May 28, 2013 at 11:16 AM, Jeffrey Walton <noloader () gmail com> wrote:


On Tue, May 28, 2013 at 10:47 AM, Kirils Solovjovs
<kirils.solovjovs () kirils com> wrote:

I suppose PayPal just wants to stay clear of any possible legal
trouble/issues/complications. It's easier that way.

Well, I suppose they are going to fix the issue pointed out by Kugler
(and the additional issues from Parker).

Do you think PayPal trolls lemonade stands run by children and takes
their lemonade without paying to avoid possible legal problems?

Jeff

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: