PayPal patches potential payment-stealing vulnerability
An XSS hole could apparently have allowed a crook to pop up a realistic PayPal “pay page” and steal the victim’s card data.
Paul Ducklin takes a look…
Story added 28. August 2015, content source with full text you can find at link above.