Daniel Duvall

**Name of the Vulnerable Software and Affected Versions** Ubercart module versions 5.x before 5.x-1.9 Ubercart module versions 6.x before 6.x-2.1 **Description** The issue allows attackers to obtain sensitive information via unknown vectors when a custom checkout completion message is enabled in the PayPal Website Payments Standard functionality. **Recommendations** For Ubercart module version 5.x, update to version 5.x-1.9 or later. For Ubercart module version 6.x, update to version 6.x-2.1 or later.