Hello,This is me!

Abdul Wahab

A Security Engineer Bug Bounty Hunter Synack Red Team Member

Wednesday, 19 October 2016

How i Find Stored Xss in eBay.

Aslam-O-Alaikum,

In 7 September 2016 i Submitted a Cross-Site Scripting Issue to eBay.They in September 13,2016 reply me Message that the Bug is Comfirmed and Awaiting Fix.In 19 October 2016 they Reply that the Bug is Fixed Now.

Steps to Reproduce:-

  1. Create a Account on ebay and PayPal.
  2. Create a New Listing
  3. add Item Details of Following PayLoad in all Post/Options:-
<script>alert(1);</script>
 4.Link account with paypal
5.Done! Item Added with Xss in eBay.

Video to Reproduce:-

Lorem ipsum dolor sit amet, consectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna Veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo consequat.

0 comments:

Post a Comment

SEND ME A MESSAGE

Search

Hi There, I am

Instagram

About Me

My photo
Turning my passion into my professional life. Love to break road and dig deeper as much as possible. Believe in no system is secure. Acknowledged by Google,Facebook,Paypal,Twitter and 250+ tech giants.

About Me

Social media

Flickr

Popular Posts