Watch for upcoming vid showing how ebay has shirked the responsibility & refused to correct this now since before this millennium began, since long before the US-CERT warnings came out., Indeed since before the term xss was coined.

HOLY COW !

That's an Eye Opener !

Thanks so Much Cap !

Where are the FEDS and The SEC?

Hello gmajorspresents.

Good question?

Asleep maybe? With a dubious bedfellow perhaps? lol.

People whom have fallen victim to, or are concerned about this issue should file complaints to any & all appropriate agencies, & spread the word that ebay is neither safe, honest, reliable, prompt or timely correcting critical safety flaws.

And although ebay claims enhancement of user experience outweighs the need for safety, they should walk in the shoes of the victims.

Avoid KKKbay like the plague!

LOL @ KKKbay

Good video!

Nothing says fun for the Holidays like having your ID stolen, bank accounts cleaned out and your credit ruined all while being lied to and abused by some fly by night outfit that can't or won't even secure their own fraud infested site.

HAhahahahaha!

The odds are overwhelming this is all an inside job btw.

They must be making money on this otherwise they would fix it. Look how fast they act upon anything like, like truthful forum posts for instance

Hello Geezer.

Yes, inside job you say?

Whether by overt act, by pure indifference, arrogance or complacency, I believe you are correct.

No reason to correct it when they can just blame the user and brush them aside, count the cash.

Go have a look at the firejohndonahoe public blog, where you will see the source code. (link in more info area) Apparently the flash snippet was somehow placed into the non ebay description area. Outside the iframe which contains the UGC .... Internal hackers?