March 22, 2010
The way the Square API delivers JSON output makes it possible for an attacker to engage in a cross-site scripting (XSS) under certain circumstances. The vulnerability was discovered by security researcher Ajay Chavda and reported to Square on August 7, 2015 through its bounty program on hackerone.
This past September, Dwolla launched its Same Day ACH Pilot Program which offers members advanced access to Same Day ACH. Yesterday Dwolla announced that Same Day ACH is now out of pilot and available to all approved Access API partners and Same Day ACH has been added to the Dwolla Access API.
Fifteen APIs have been added to the ProgrammableWeb directory today, in categories including Spam, Travel, Bitcoin, Surveys, and Banking. One highlight today is the Basetrip API, which provides detailed International travel information to users. Have a look at what is new for developers.