exploitDog

CVE-2013-7202

Опубликовано: 27 апр. 2018

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Низкий

Описание

The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/92099
Third Party Advisory
VDB Entry
https://labs.mwrinfosecurity.com/advisories/paypal-remote-code-execution/
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/92099
Third Party Advisory
VDB Entry
https://labs.mwrinfosecurity.com/advisories/paypal-remote-code-execution/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:paypal:paypal:*:*:*:*:*:android:*:*

Версия до 5.3 (включая)

EPSS

Процентиль: 80%

0.01332

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-m357-99gg-7rgq

CVSS3: 8.1

github

больше 3 лет назад

The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system.

EPSS

Процентиль: 80%

0.01332

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-264