Wednesday February 03, 2016

Severe And Unpatched eBay Vulnerability Allows Attackers To Distribute Malware

You know what the best part about this vulnerability is? eBay stating that they have no plans to fix it. frown The video below shows the malicious code in action.

This vulnerability allows attackers to bypass eBay's code validation and control the vulnerable code remotely, to execute malicious Javascript code on targeted eBay users. If this flaw is left unpatched, eBay users will continue to be exposed to potential phishing attacks and data theft.