Full title: PayPal.com STORED XSS - Execution on user login / send to any user 
Category: web applications
Platform: tricks
This method allows you to exploit any user on PayPal, and potentially steal money, cookies, or do lots of other things. This exploit is in the "request money" feature, so all you need to do to exploit someone is request money to them with the XSS method, and when the user logs into paypal.com, the XSS will execute. 

This method is not known by paypal developers at the moment, so buy fast.

# 0day.today @ http://0day.today/