In this mail they have mentioned that,
If there is any violation against the eBay policy, the listing will be removed and the user account will be suspended.
But I don't believe so, because when I was testing this vulnerability the page was public for 3 days, with no account suspension, and they didn't even remove the listing. As per my experience, 3 days are more than enough to hack someone! I really feel like there is no mechanism set up for moderating or checking listings.
This XSS did not affect the cookie disclosure area, but the page was still able to redirect to another page without any warning, and I could also inject an iframe inside my product listing.
Imagine if a hacker lists any product and redirects customers to his phishing page: he can easily grab their credentials. Or if a hacker simply puts his phishing page as an iframe in the product listing, he can easily grab credentials.
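The moderation step the post says is missing can be a server-side allowlist rewrite of the submitted listing HTML before it is published. The following is an added example written for this post, not eBay's code and not the author's: it keeps a small set of formatting tags and attributes (my own choices), drops <script>, <object> and <iframe> together with their contents, strips event-handler attributes, and only keeps absolute http(s) links and image sources.

```python
"""Allowlist HTML sanitizer for user-submitted listings (added example, not eBay's code)."""
from html import escape
from html.parser import HTMLParser

# Constructed allowlist: formatting a product description reasonably needs.
ALLOWED_TAGS = {"p", "b", "i", "u", "strong", "em", "ul", "ol", "li", "br", "a", "img"}
ALLOWED_ATTRS = {"a": {"href"}, "img": {"src", "alt"}}
VOID_TAGS = {"br", "img"}
# These elements are removed together with everything inside them.
# Void elements such as <embed> or <meta> need no entry: an unknown tag is
# dropped by the allowlist check below and has no content to carry.
DROP_CONTENT_TAGS = {"script", "style", "object", "iframe"}
SAFE_URL_SCHEMES = ("http://", "https://")


def _safe_url(value):
    # Reject javascript:, data:, vbscript: and scheme-relative URLs. Whitespace
    # and control characters are removed first because browsers ignore them
    # when parsing the scheme.
    cleaned = "".join(ch for ch in value if ch.isprintable() and not ch.isspace()).lower()
    return cleaned.startswith(SAFE_URL_SCHEMES)


class ListingSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []        # sanitized output fragments
        self.open_tags = []  # allowed tags currently open, for balanced output
        self.drop_depth = 0  # > 0 while inside a dropped element

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT_TAGS:
            self.drop_depth += 1
            return
        if self.drop_depth or tag not in ALLOWED_TAGS:
            return  # inside a dropped element, or unknown tag: drop the tag itself
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue  # drops onerror=, onload=, style=, ...
            if name in ("href", "src") and not _safe_url(value or ""):
                continue
            kept.append(' %s="%s"' % (name, escape(value or "", quote=True)))
        self.out.append("<%s%s>" % (tag, "".join(kept)))
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_startendtag(self, tag, attrs):
        if tag in DROP_CONTENT_TAGS:
            return  # self-closing dangerous tag: nothing to track, just drop it
        self.handle_starttag(tag, attrs)
        if tag not in VOID_TAGS:
            self.handle_endtag(tag)

    def handle_endtag(self, tag):
        if self.drop_depth:
            if tag in DROP_CONTENT_TAGS:
                self.drop_depth -= 1
            return
        if tag in self.open_tags:
            # Close everything up to and including the matching open tag.
            while self.open_tags:
                closed = self.open_tags.pop()
                self.out.append("</%s>" % closed)
                if closed == tag:
                    break

    def handle_data(self, data):
        if not self.drop_depth:
            # Text is re-escaped, so entities cannot smuggle markup back in.
            self.out.append(escape(data, quote=False))

    def result(self):
        self.close()
        while self.open_tags:  # close anything the submitter left open
            self.out.append("</%s>" % self.open_tags.pop())
        return "".join(self.out)


def sanitize_listing(html):
    """Return the listing HTML reduced to the allowlist above."""
    parser = ListingSanitizer()
    parser.feed(html)
    return parser.result()


if __name__ == "__main__":
    # Constructed sample listing carrying the kinds of content the post describes.
    sample = ('<p>Great <b>phone</b>, <object data="http://evil.example/x"></object>'
              'see <script>location="http://evil.example"</script>here</p>'
              '<iframe src="http://evil.example/login"></iframe>'
              '<img src="https://cdn.example/p.jpg" onerror="alert(1)">')
    print(sanitize_listing(sample))
```

Run it at submission time and store only the sanitized result; sanitizing on output instead is also fine, but the allowlist approach matters more than the place: a blocklist of known-bad patterns is what an attacker works around with the kind of filter games the post goes on to describe.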
Not wasting much of your time, let me tell you straight how I exploited it..
Then I got an error like this -
OK, let's make it a bit more complicated for the eBay filters,
and then it will look like..
Let's now inject this exploit using the <object> tag, and we will get something like this..
Nice, now let's try to put this small script..
And the script actually ran successfully! Hence it redirected to the page which I had specified!
At last, the video I have screen-casted!