I was on break for a year because of my dad’s health issue. But now I’m back :D
This is my first write-up on medium.com. It’s an old finding but may help you.
Ok. So one day I was doing some work with my friend and visited PayPal to get a Pay with PayPal button.
I logged in to PayPal, moved to the tools section and clicked on PayPal buttons. After clicking, PayPal redirected me to https://financing.paypal.com/ppfinportal/adGenerator
Here we can create buttons.
While generating a button I looked at the URL bar and got excited.
The URL was something like this: https://financing.paypal.com/ppfinportal/adGenerator/emailCopy?size=320x200
The banner size was in the URL. So I decided to test it.
I changed the size to LOL
and got surprised: the width size in the embed code changed to LOL
Now what? I changed the LOL string to an XSS payload and the size became
"><img sr=null onerro=prompt(1)>
Now the size in the embed code became
"><img sr=null onerro=prompt(1)>
Which means if you use the infected embed code, you’ll be greeted by an XSS popup.
Look at the embed code carefully.
So this accidental XSS gave me 250$ LoL
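
The behaviour described above, next to a hardened version, as an added example that is not part of the original post and not PayPal's code. The generator functions, the markup shape and the example.invalid URL are assumptions made for illustration.

```javascript
// Hypothetical embed-code generator, written for illustration only.
// The size value plays the role of the "size" query parameter (e.g. 320x200).

// Only digits, an "x", and digits again: nothing else may reach the markup.
const ALLOWED_SIZE = /^(\d{1,4})x(\d{1,4})$/;

// Encode characters that can close an attribute or open a tag.
function escapeAttr(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// "Before": the parameter is split on "x" and pasted into the markup unchanged,
// so size=LOL yields width="LOL" and a quote in the value ends the attribute.
function buildEmbedUnsafe(size) {
  const [width, height] = String(size).split("x");
  return `<img src="https://example.invalid/banner.png" width="${width}" height="${height}">`;
}

// "After": reject anything that is not WIDTHxHEIGHT, then still encode on
// output so a later change to the validation cannot reintroduce the bug.
function buildEmbedSafe(size) {
  const match = ALLOWED_SIZE.exec(String(size));
  if (match === null) {
    return null; // caller should answer with an error, not an embed code
  }
  const width = escapeAttr(Number(match[1]));
  const height = escapeAttr(Number(match[2]));
  return `<img src="https://example.invalid/banner.png" width="${width}" height="${height}">`;
}

// The string from the write-up, used here as test input for both versions.
const reported = '"><img sr=null onerro=prompt(1)>';

console.log(buildEmbedUnsafe("LOL"));    // width attribute carries LOL
console.log(buildEmbedUnsafe(reported)); // attribute is closed early
console.log(buildEmbedSafe(reported));   // null: rejected before rendering
console.log(buildEmbedSafe("320x200"));  // normal embed code
```
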