PayPal Fixes CSRF Bug in PayPal.me Website
from InfoSecIsland 01 August indexed on 01 August 2016 16:01PayPal recently resolved a cross-site request forgery (CSRF) vulnerability affecting the PayPal.me website, which could have allowed an attacker to change a user's PayPal profile picture.
Read more.