Posted by cosmin0maier on Jun 15

Web Application Security Report
m.ebay.com Multiple Vulnerabilities

[1]: Cross-site Scripting – Stored XSS

The iOS, Android application and m.ebay.com website has a section called

“Followed Search” These followed search, by default, are pre-defined links to sections of eBay. It is possible for a
user to edit the list of followed search and to add their own

[2]: HTML Injection

Full report available:…