Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote malicious users to inject arbitrary web script or HTML via the token parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
paypal merchant-sdk-php 3.9.1 |