Paypal fixed a fraud-enabling bug?
I call April Fools on this one.
PayPal has patched a flaw which created a means for miscreants to abuse its platform to lend authenticity to fraudulent or otherwise malicious emails. The input validation and mail encoding web vulnerability in the official PayPal online web app was discovered by Vulnerability Laboratory researcher Benjamin Kunz Mejri. The …
He should be glad he got $500
I reported a problem to Netgear about 18 months ago that allows people to see the admin username and password via the public IP/wan side by just using a crafted URL (no special tools required!).
Their reply to me was that the bug does not exist in new devices so it is a non-issue.
I know this affected many devices, but they don't actually care.
All I got out of it was a "bug verified - support ticket closed".