WebHybridClient.java in PayPal 5.3 and previous versions for Android ignores SSL errors, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
paypal paypal |