PayPal Community

CNPJá · ‎Dec-11-2023

The following issue is extremely severe, PayPal is allowing data from my customers to leak between themselves.

The subscription filter at the following endpoint has stopped working:
https://api.paypal.com/v1/billing/subscriptions/:subscriptionId/transactions

Which means that the transaction list returned is always the same regardless of the subscription I send.

For example, the following requests returns the same payload:
1. https://api.paypal.com/v1/billing/subscriptions/I-1RM0VC18F0XX/transactions?start_time=2023-01-01T00...

2. https://api.paypal.com/v1/billing/subscriptions/I-35XHEHHBJX8Y/transactions?start_time=2023-01-01T00...

But the expectation was that each of the transaction lists corresponded only to the informed subscription ID.

This issue has already happened before on July 2022. It is absurd on how PayPal allows their API to have such a critical bug in production.

Yani_Serv · ‎Dec-11-2023

Yes, this looks like the same issue as last year. We are also experiencing it.

Kavyar · ‎Dec-19-2023

Good day @CNPJá,

Thank you for posting to the PayPal community.

I would like to suggest that you try again by using the "List transactions for subscription" API with a different profile ID.

If you are still experiencing issues, please create an MTS ticket via the following URL - https://www.paypal-support.com/s/?language=en_US . Please ensure that you provide detailed information and error details when submitting the ticket.

Sincerely,

Kavya

PayPal MTS

If this post or any other was helpful, please enrich the community by giving kudos or accepting it as a solution.

CNPJá · ‎Dec-19-2023

For future reference, the issue was fixed after 6 days.

IMHO pretty unacceptable for a company this size, I expected they to have proper e2e tests and rollback procedures in such event.

PayPal Community

GDPR INFRINGEMENT BUG at /v1/billing/subscriptions/:id/transactions

Haven't Found your Answer?