Now an XSS vulnerability discovered in eBay.

  • Filter
  • Time
  • Show
Clear All
new posts

    Now an XSS vulnerability discovered in eBay.

    After the recent revealing of the EBay hack which affected up to 145 million users and was the 2nd largest in history, now comes another setback.

    A Cross site scripting (XSS) vulnerability was discovered in the eBay labs page and another exploit was found which allowed a user to upload a shell via the Flash upload page. However, these exploits have now been fixed.

    Post the hack EBay asked its users to reset all their passwords and when users tried to use stronger and random passwords using a password generator they were surprised to see that the stronger and entropy passwords were red flagged and deemed weak while the system was accepting the worlds most commonly used passwords which the company itself explicitly marked as unacceptable.

    The trouble seems to be growing for EBay as of now. Last week it was also hit by Google and about 80% of its search traffic vanished.
    Last edited by Rsync; 12-05-2022, 08:55.
    eUKhost Ltd.: Dedicated Servers | Cloud Hosting | Build a Website
    Join our Affiliate program for free and earn up to 100% commission!

    Re: Now an XSS vulnerability discovered in eBay.

    I am really confused with eBay. What is going on, I think technical team should load their weapons to defend eBay against this malicious activities.


      Re: Now an XSS vulnerability discovered in eBay.

      Things are not at all going in favor of Ebay and it is facing one problem after another. It should first settle all the issues and then get back to making its services better and secure.