Persistent input validation vulnerability has been discovered in the official Paypal Inc website content management system & API. The bug allows remote attackers to inject own malicious script codes to the application-side of the Paypal online-service.
Read more here – http://www.vulnerability-lab.com/get_content.php?id=651