No CSRF token present in Customer service message form.

Program: PayPal
Bug Type: CSRF
Bounty: 750
Date: 2012-10-12
csrf missing-csrf-token impersonation

Summary

A CSRF vulnerability exists in PayPal’s “Customer Service Message” form, which allows sellers to configure a personalized message shown to customers when they open a dispute. The form lacks an anti-CSRF token, so an attacker can craft a malicious page that silently updates the message on behalf of an authenticated user who visits it.
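The mitigation the report implies is the synchronizer token pattern: the server issues a random token bound to the user's session, embeds it in the form, and refuses any state-changing submission that does not carry it. The following is an added example written for this page, not PayPal's code; it assumes a constructed in-memory session store (`SESSIONS`) and models the message-update handler as a plain function so the check can be exercised without a web framework.

```python
import hmac
import secrets
from typing import Optional, Tuple

# Constructed in-memory session store keyed by session id (assumption: a real
# application would use its server-side session framework instead).
SESSIONS = {}


def issue_csrf_token(session_id: str) -> str:
    """Create a random token, bind it to the session, and return it for the form."""
    token = secrets.token_urlsafe(32)
    SESSIONS.setdefault(session_id, {})["csrf_token"] = token
    return token


def handle_update_message(session_id: str, form: dict,
                          origin: Optional[str], allowed_origin: str) -> Tuple[int, str]:
    """State-changing handler for the customer service message form.

    Returns (status_code, body). A submission is accepted only if the session
    exists, the Origin header (when present) matches the site, and the form
    carries the token that was bound to this session.
    """
    session = SESSIONS.get(session_id)
    if session is None:
        return 401, "not authenticated"
    # Browsers attach Origin to cross-site POSTs; a mismatch is rejected outright.
    if origin is not None and origin != allowed_origin:
        return 403, "cross-origin request rejected"
    expected = session.get("csrf_token")
    submitted = form.get("csrf_token", "")
    # compare_digest avoids timing leaks; a missing or wrong token is rejected.
    if not expected or not hmac.compare_digest(expected, submitted):
        return 403, "missing or invalid CSRF token"
    session["customer_message"] = form.get("message", "")
    return 200, "message updated"


if __name__ == "__main__":
    site = "https://seller.example"           # constructed origin
    token = issue_csrf_token("sess-1")
    # Forged cross-site submission: no token, foreign Origin -> rejected.
    print(handle_update_message("sess-1", {"message": "x"}, "https://evil.example", site))
    # Legitimate same-site submission carrying the bound token -> accepted.
    print(handle_update_message("sess-1", {"message": "Hi", "csrf_token": token}, site, site))
```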

References