CVE-2013-7201

CVE-2013-7201

EPSS 1.9%

WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/57351 https://exchange.xforce.ibmcloud.com/vulnerabilities/92098 https://labs.mwrinfosecurity.com/advisories/paypal-remote-code-execution/