Packagist (Composer) package
paypal/merchant-sdk-php
pkg:composer/paypal/merchant-sdk-php
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-6099 | Med | 6.1 | >= 3.0.0, < 3.12.0 | 3.12.0 | Feb 24, 2017 | Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter. |
- affected >= 3.0.0, < 3.12.0fixed 3.12.0
Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter.