eBay recently patched two potentially critical vulnerabilities, a cross-site scripting bug and a SQL injection vulnerability. For SQL issue the vulnerable script is 'sea.ebay.com/news.php' that attackers unauthorized read/write/edit access to a SQL database. Whereas XSS flaw could allow a hacker to access a seller's account and the ability to insert a XSS exploit into the code on a product's page.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment