eBay vulnerability put millions of user at risk

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

eBay an American multinational corporation and e-commerce company has patched a XSS security vulnerability which exposed millions of user at risk of phishing attack.

Even though this flaw was privately notified to eBay a month ago, no act was taken until the matter got the attention of the media.

Short YouTube video on how the XSS security vulnerability works.

Using the method mentioned above in the video can allow attackers easily steal usernames and passwords, since many people use the same details, it could have resulted in heavy data loss.

According to security researcher, This was a simple vulnerability which would have allowed the attacker to use iframe to insert their own malicious page into eBay.”

Now the vulnerability is patched.

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply