Vulnerabilities (CVE)

Filtered by vendor Paypal Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-23648	2 Fedoraproject, Paypal	2 Fedora, Braintree\/sanitize-url	2022-06-15	4.3 MEDIUM	6.1 MEDIUM
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.
CVE-2017-6217	1 Paypal	1 Adaptive Payments Sdk	2019-07-11	4.3 MEDIUM	6.1 MEDIUM
paypal/adaptivepayments-sdk-php v3.9.2 is vulnerable to a reflected XSS in the SetPaymentOptions.php resulting code execution
CVE-2017-6099	1 Paypal	1 Merchant-sdk-php	2019-03-13	4.3 MEDIUM	6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter.
CVE-2017-6213	1 Paypal	1 Php Invoice Sdk	2018-09-27	3.5 LOW	5.4 MEDIUM
paypal/invoice-sdk-php is vulnerable to reflected XSS in samples/permissions.php via the permToken parameter, resulting in code execution.
CVE-2017-6215	1 Paypal	1 Php Permissions Sdk	2018-09-27	3.5 LOW	5.4 MEDIUM
paypal/permissions-sdk-php is vulnerable to reflected XSS in the samples/GetAccessToken.php verification_code parameter, resulting in code execution.