Persistent XSS bug discovered on eBay

Written by DP

Wednesday, 6 October 2010

Security researcher "Side3ffects" has contacted us regarding a critical persistent XSS that he discovered on eBay:
"Once you log in to your account on eBay, edit the option "About me".
Now go to:
Demo URL (My profile):
It is also vulnerable to redirection with the following XSS attack vector:
'"--><script>alert(/Xss2ro07 aKa Side3ffects)</script>
One of the possible exploitation scenarios is malicious people stealing cleartext credentials from registered users by injecting an iframe tag that retrieves another rogue eBay login page from a remote server.   
Other reported XSS bugs affecting eBay domains include (all still pending a fix):
eBay Giving Works, discovered by "d3v1l" from Security-Sh3ll:
Secure eBay's Law Enforcement eRequest System, discovered by "Nemessis":
eBay Italy Ads, another one discovered by "d3v1l":
eBay has been XSSed many times in the past.
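
An added example, not code from the article or from eBay: a hypothetical profile template that writes the stored "About me" value into an attribute and an element body, first as-is and then with output encoding, using the vector quoted above as constructed stored input. The function names and the template markup are assumptions.

```javascript
// Hypothetical names and markup throughout; this is not eBay's code.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Encode every character that can close a quoted attribute value,
// end a text node, or open a tag.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// "Before": stored profile text concatenated into markup unchanged.
// Anything saved in the field is parsed as HTML for every visitor.
function renderAboutMeUnsafe(text) {
  return '<div class="about-me" title="' + text + '"><!-- bio -->' + text + '</div>';
}

// "After": same template, stored text encoded at output time.
function renderAboutMeSafe(text) {
  const safe = escapeHtml(text);
  return '<div class="about-me" title="' + safe + '"><!-- bio -->' + safe + '</div>';
}

// Regression check: count opening script/iframe tags in rendered output.
// A plain-text profile field should never produce any.
function countActiveTags(html) {
  return (html.match(/<\s*(script|iframe)\b/gi) || []).length;
}

// The vector quoted in the article, used as constructed stored input.
const stored = `'"--><script>alert(/Xss2ro07 aKa Side3ffects)</script>`;

console.log('unsafe render, active tags:', countActiveTags(renderAboutMeUnsafe(stored)));
console.log('safe render, active tags:  ', countActiveTags(renderAboutMeSafe(stored)));
console.log(renderAboutMeSafe(stored));
```

Encoding at output time also covers values already stored before the fix, which input filtering alone does not.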
Related News on XSSed:
"New XSS flaws within eBay sites" - DP - 27 May 2008 
