********************************************************
# Exploit Title : Paypal app Link Open Redirection
# Explanation : Suspicious link for UK users - [Maliciousing Link via Redirect]
# Vendor Homepage : www.paypal.com
# Exploit Author: Iran Cyber Security Group
# Date : 2019-07-09
# Tested on : Win10 , Kali Linux
# Discovered By : Und3rgr0und
# Our Team : www.iran-cyber.net 

********************************************************

Description :

Our team has found some kind of bug bounty that has a medium risk for its users.On the PayPal website, many times you see that there are links for downloading the apps mobile for example (https://app.adjust.com/ybp7iw). So if we check in different parts of the website For uk users there is a section below : 

http://cdn.persiangig.com/preview/FP1RGw2D5O/large/apps.png

So the hacker uses it . To do this, just create a malicious link and put it in a link endpoint.

****************************
# Open Redirection :
**************************** 
Healthy address :

1- https://app.adjust.com/bfpiqs_meciev?fallback=https%3A%2F%2Fwww%2Epaypal%2Ecom%2Fuk%2Fwebapps%2Fmpp%2Fmobile%2Dapps

malicious Address :

2- https://app.adjust.com/bfpiqs_meciev?fallback=https%3A%2F%2Fwww%2Epaypali%2Ecom%2Fuk%2Fwebapps%2Fmpp%2Fmobile%2Dapps

**************************** 

For Example : ( domain paypal.com to paypali.com Or anything that is not suspicious )

Note : Fix address in page : https://www.paypal.com/uk/home

****************************

# Impact

It's enough to put malicious links in groups that are UK users, and put it as a link to download the PayPal mobile apps, And easily redirect to a dangerous page .