miércoles, 12 de febrero de 2014

eBay Stored XSS [No fix, no HoF, "Duplicated"]

Hi all!
This time I want to post my first eBay vulnerability. I won't try to find more vulnerabilities in eBay... continue reading if you want to know why ((:
Vulnerable domain: https://merchant.ebaycommercenetwork.com/
See the images to know how to reproduce the issue.
I reported the vulnerability and... surprise! No answers!
I asked eBay help in Twitter and I reported it another time, and... another surpise for me: DUPLICATED!

Kind regards!

1 comentario:

Please, leave a comment! Thank you!