Researchers Outline Vulnerabilities in Yahoo, PayPal, Magento Apps

September 14, 2015


recently discovered a smattering of in web applications and mobile applications belonging to companies like , , , and Shopify that could have led to account theft, session hijacking, and phishing, among other consequences.

Hadji Samir, Ebrahim Hegazy, Ayoub Ait Elmokhtar, and Benjamin Kunz Mejri, researchers with Vulnerability Lab, found the bugs earlier this year but only recently disclosed them.

The researchers found three separate issues in web apps developed by PayPal, including a severe vulnerability that could have let an attacker bypass a verification check meant to approve the account owner.

Read More