Table Of Contents
Buying a cheap iPhone on eBay is dangerous!!!
Paul Kerr, a IT worker was surfing on eBay and happened to come on a iPhone listing.
They should have nailed that straight away, and they didnt, he commented.
XSS enables attackers to inject client-side script into Web pages viewed by other users.
A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy.
Once a potential clicked on these they were taken to cloned eBay log-in page.
However, eBay security team confirmed existence of only one.
source: www.techworm.net
