Get a Pentest and security assessment of your IT network.

Cyber Security

Hackers could have stolen PayPal funds from Meetup users

Meetup is a service that enables users to create in-person or virtual events. For organizers outside the U.S., the platform offers PayPal support to charge attendees for a paid event. Researchers from Checkmarx describe a stored XSS vulnerability that allowed a regular group member to have the same permissions as an organizer. A second high-severity flaw, with a score of 8.1 out of 10, could be exploited in combination with a CSRF vulnerability to change a user s PayPal address in the Meetup profile.

Source: https://www.bleepingcomputer.com/news/security/hackers-could-have-stolen-paypal-funds-from-meetup-users/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation