Resources Blog Expert Finds XSS Flaw On eBay After Bypassing 'Filtering ...

Expert Finds XSS Flaw On eBay After Bypassing 'Filtering Mechanisms'

Softpedia – (International) Expert finds XSS flaw on eBay after bypassing ‘filtering mechanisms’. eBay listed a security researcher in its hall of fame after the expert managed to identify a very unusual non-persistent cross-site scripting (XSS) vulnerability. ―There was a WAF/IPS in place which was filtering out the html and JavaScript being embedded into the page. I managed to bypass the filtering mechanism of eBay and was able to run my html code and JavaScript, the expert explained. To demonstrate his findings, he published a proof-of-concept (PoC) video in which he details how he managed to bypass the filter. The researcher claims he also identified high-risk vulnerabilities on Web sites owned by Adobe and Apple. The PoCs for these particular security holes will be released as soon as the companies address the problems.


Picture of Ali Loney

Written by Ali Loney

Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.