Phishing alert: PayPal Hit With XSS Exploit
The online payments site has been crippled thanks to another cross-site scripting (XSS) bug that would enable hackers to get away with user passwords.
February 10, 2009
PayPal si aware of the problem but the company has yet to announce a solution.
This is not the first time that PayPal falls victim to an XSS bug that allowed the injection of unauthorized code. The online payments site had to patch a similar vulnerability in May 2008, after being informed by Finnish researcher Harry Sintonen.
At present time, critics only wonder when will the XSS disaster strike next...