eBay bug lets hackers embed malicious code into public sale pages
In response to Examine Level Software program’s weblog publish, the agency notified eBay of the flaw again in December, however the firm stated it did not have plans to repair the vulnerability. eBay advised Ars Technica, nevertheless, that it has been in contact with Verify Level Software program and that it has “carried out numerous safety filters” based mostly on its findings. The marketplace additionally added that it hasn’t detected any fraudulent exercise that takes benefit of the bug but:
Since we permit lively content material on our website it is essential to know that malicious content material on our market is awfully unusual, which we estimate to be lower than two listings per million that use lively content material on the eBay market.
Nonetheless, in case you come throughout an public sale web page that asks you to put in or obtain something, do not forget this flaw and ensure to click on Cancel.