eBay has resolved a cross-site scripting bug on its website that independent experts warned posed a significant risk of fraud to users of the auction site. The XSS flaw meant that, once logged into a seller account on eBay, an attacker could insert an XSS exploit code into a listing of an item for sale. The XSS security flaw on …
I knew it!
I was sure I hadn't ordered that Bangalore Boogie Nights DVD! Damn it!
I particularly liked the survey popup "Have you got a minute" that has no close button so you have to refresh the page.
A good reason we should ignore XSS then?
“...XSS vulnerabilities always have gotten more attention than they deserve ... you're attacking other visitors, not the site itself."
Typical of the way big business thinks of its customers.
- NASA boffin: RIDDLE of odd BULGE FOUND on MOON is SOLVED
- Apple winks at parents: C'mon, get your kid a tweaked Macbook Pro
- SOULLESS machine-intelligence ROBOT cars to hit Blighty in 2015
- BuzzGasm! Thirteen Astonishing True Facts You Never Knew About SCREWS
- China in MONOPOLY PROBE into Microsoft: Do not pass GO, do not collect 200 yuan