Slideshow

eBay flaw could be used to hijack accounts, researcher says

The auction site hasn't patched the flaw after four days, so the researcher decided to go public

  • A U.K. based security researcher, Jordan Lee Jones, showed how eBay is vulnerable to a cross-site scripting attack that could potentially be used to hijack user accounts.

  • EBay made defensive changes to its website after Jones showed he could upload shell code to its network.

Show Comments

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?