PayPal Inc - Mobile API vulnerable to restriction Auth Bypass Issue
This week the vulnerability laboratory disclosed an issue in the mobile api of the paypal ios application. The issue allows remote attackers to bypass the account restriction mechanism that blocks malicious or illegal acting users.
The security vulnerability is located in the mobile api auth procedure of the paypal online-service. The mobile app api does not check for already restricted/blocked application accounts. Remote attackers are able to login through the mobile api with paypal portal restriction to access account information or interact with the compromised account.
Advanced Persistent Threat Golden_hands - Digital Bank Robbery of the Year 2020
Facebook Security - 12.500$ Bug Bounty reward to Security Researcher
Bug Bounty Program Award Winners 2014 - Exclusive Interview by Microsoft & PayPal
Shopify | Buy Button | Persistent Embed POST Inject Vulnerability