Expert Finds XSS Flaw On eBay After Bypassing 'Filtering Mechanisms'
by Ali Loney on September 28, 2012

Tags: News, security, AppSec Spotlight

Softpedia – (International) Expert finds XSS flaw on eBay after bypassing ‘filtering mechanisms’. eBay listed a security researcher in its hall of fame after the expert managed to identify a very unusual non-persistent cross-site scripting (XSS) vulnerability. “There was a WAF/IPS in place which was filtering out the html and JavaScript being embedded into the page. I managed to bypass the filtering mechanism of eBay and was able to run my html code and JavaScript,” the expert explained. To demonstrate his findings, he published a proof-of-concept (PoC) video in which he details how he managed to bypass the filter. The researcher claims he also identified high-risk vulnerabilities on Web sites owned by Adobe and Apple. The PoCs for these particular security holes will be released as soon as the companies address the problems.

