How Paypal helped me to generate XSS

AI Summary

A reflected XSS vulnerability was discovered in PayPal's ad generator tool at financing.paypal.com/ppfinportal/adGenerator where the 'size' URL parameter was reflected unsanitized into generated embed code, allowing injection of arbitrary HTML/JavaScript payloads. The vulnerability was rewarded with a $250 bounty.

Pflash Punk · ~2 min read · October 20, 2019 (Updated: December 12, 2021)

Hi, I was on a break for a year because of my dad's health issue :( But now I'm back :D

This is my first write-up on medium.com. It's an old finding but may help you ;)

OK. So one day I was doing some work with my friend and visited PayPal to get a Pay with PayPal button. I logged in to PayPal, moved to the tools section and clicked on PayPal buttons. After clicking, PayPal redirected me to https://financing.paypal.com/ppfinportal/adGenerator

Here we can create buttons. While generating a button I looked at the URL bar and got excited. The URL was something like this:

https://financing.paypal.com/ppfinportal/adGenerator/emailCopy?size=320x200

The banner size was in the URL, so I decided to test it. I changed the size to LOL and got surprised: the width size in the embed code changed to LOL.

Now what :P

I changed the LOL string to an XSS payload and the size became ">

Now the size in the embed code became ">. Which means if you use the infected embed code you'll be greeted by an XSS popup :P

Look at the embed code carefully :P

So this accidental XSS gave me 250$ :D

#xss-attack #xss-vulnerability #paypal #bug-bounty #penetration-testing
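The root cause described in the write-up is a size query value copied unsanitized into generated embed code. The sketch below is an added example, not part of the original post and not PayPal's code: it puts a generator with that flaw beside a hardened one. The banner URL, function names, markup and the 2000-pixel limit are assumptions made for illustration.

```javascript
// Hypothetical embed-code generator (illustration only, not PayPal's code).
// The banner URL, function names and size limit are assumptions.
const BANNER = 'https://ads.example/banner.png';

// Before: the size value from the query string is pasted into the markup as-is.
function embedCodeVulnerable(size) {
  const [width, height] = String(size).split('x');
  return `<img src="${BANNER}" width="${width}" height="${height}">`;
}

// Escape the characters that can end a quoted attribute or open a tag.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// After: accept only WIDTHxHEIGHT made of digits, bound the numbers, and
// still escape on output so a later change to the validator cannot reopen the hole.
function embedCodeHardened(size) {
  const match = /^(\d{1,4})x(\d{1,4})$/.exec(String(size));
  if (!match) throw new RangeError('size must look like 320x200');
  const [width, height] = [Number(match[1]), Number(match[2])];
  if (width < 1 || height < 1 || width > 2000 || height > 2000) {
    throw new RangeError('size out of range');
  }
  return `<img src="${BANNER}" width="${escapeHtml(width)}" height="${escapeHtml(height)}">`;
}

// Constructed inputs: a normal size, the "LOL" probe from the write-up,
// and a constructed value that closes the attribute and the tag.
const PROBE = '"><script>alert(1)</script>';

function compare(inputs) {
  return inputs.map((input) => {
    let hardened;
    try {
      hardened = embedCodeHardened(input);
    } catch (err) {
      hardened = `rejected (${err.message})`;
    }
    return { input, vulnerable: embedCodeVulnerable(input), hardened };
  });
}

console.log(compare(['320x200', 'LOL', PROBE]));
```

The vulnerable generator echoes LOL into the width attribute exactly as the write-up observed, while the hardened one rejects anything that is not a bounded numeric size before any markup is built.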