Saturday, December 1, 2012

eBay patches two critical security flaws

eBay recently patched two potentially critical vulnerabilities, a cross-site scripting bug and a SQL injection vulnerability. For SQL issue the vulnerable script is '' that attackers unauthorized read/write/edit access to a SQL database. Whereas XSS flaw could allow a hacker to access a seller's account and the ability to insert a XSS exploit into the code on a product's page.

No comments: