exploitDog

GHSA-cjqc-xw23-pp7h

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.4

Описание

WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.

WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.

Ссылки

EPSS

Процентиль: 75%

0.00854

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-295

Связанные уязвимости

CVE-2013-7201

CVSS3: 7.4

nvd

почти 8 лет назад

WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.

EPSS

Процентиль: 75%

0.00854

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-295