Numerous Pulsating Martians
paypal-ipn

Validation Bypass

Severity: critical

Overview

Versions 2.x.x and earlier of paypal-ipn are affected by a validation bypass vulnerability.

paypal-ipn uses the test_ipn parameter (which is set by the PayPal IPN simulator) to determine if it should use the production PayPal site or the sandbox.

A motivated attacker could craft a request string using the simulator to fool the application into entering the sandbox mode, potentially allowing purchases without valid payment.

Remediation

Upgrade to version 3.0.0 or later.

Vulnerable versions

1.0.0
7 years ago
1.0.1
7 years ago
2.1.0
4 years ago
2.0.0
4 years ago

Unaffected versions

3.0.0
4 years ago

Resources

Advisory timeline

  1. Published

    Advisory published
    Dec 3rd, 2014
  2. Reported

    Initial report by Martin Angelov
    Oct 17th, 2015