

Another XSS vulnerability and Paypal shows no response - a1a
http://seclists.org/fulldisclosure/2013/May/182

======
tptacek
This looks like the same XSS vulnerability with different country codes, which
makes the title perhaps a little misleading.

~~~
a1a
The title was copied from the post, I did not see this before posting.
Inspecting it further, he says: "I found out that 13 more _countries_ are
affected with this xss attack." The country-codes are obviously just handled
as another parameter while the vulnerable code is the same on all of them. I
am sorry if I helped to cause more confusion, but again - I just copy/pasted.

EDIT: I have updated the title.

------
geeknik
I don't know why people have trouble getting a response from PayPal.. I
submitted an XSS and a CRLF injection issue over the holiday weekend and got a
response this morning.

------
kemo
More like... 1 vulnerability

