
eBay Platform Exposed to Severe Vulnerability - cyptus
http://blog.checkpoint.com/2016/02/02/ebay-platform-exposed-to-severe-vulnerability/
======
Lazare
Something about the writing rubbed me the wrong way; seemed very self-
promoting and I was prepared to find out the vulnerability was nonsense.

...nope. eBay literally lets you paste arbitrary JS into your item
descriptions (suitably mangled, but that's not a barrier when there are tools
to do it for you), which is then actually executed on client devices. It's
exactly what it says on the tin; a perfect vector for phishing attacks,
malware distribution, etc.

~~~
duskwuff
I've noticed this before. WTFed before.

Does eBay do _any_ sanity checking on that JS, or is it just a free-for-all?

~~~
Lazare
They do, but sanity checking code is fairly hard. Some work has been done on
properly sandboxing and securing JS code (i.e., the Google Caja project), which
I believe works quite well, but eBay doesn't do any of that.

Instead they crudely scan through the listing with a simple regexp looking for
keywords that they think suggest you're doing something nefarious. E.g., any JS
that looks to them like it deals with setting or reading cookies is flagged;
anything that looks like it opens a popup is flagged.

"For every complex problem there is an answer that is clear, simple, and
wrong."
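
The contrast drawn in the comment above, as an added example that is not part of the thread and not eBay's code: a keyword denylist (the patterns here are hypothetical) passes a listing whose script body contains no keywords at all, while an allow-list sanitizer drops every script element and event-handler attribute regardless of content. The tag list, function names and sample listing are assumptions made for illustration.

```python
import re
from html import escape
from html.parser import HTMLParser

# Hypothetical keyword denylist in the style the comment describes (not eBay's real rules).
DENYLIST = re.compile(r"document\.cookie|window\.open|alert\s*\(", re.I)
# Allow-list: the only markup a listing may contain; everything else is dropped.
ALLOWED_TAGS = {"p", "b", "i", "br", "ul", "li", "a"}
ALLOWED_ATTRS = {"a": {"href"}}
SAFE_URL = re.compile(r"^https?://", re.I)
# Constructed sample: an inline handler plus an inert, symbol-only (JSFuck-style) script body.
SAMPLE = ('<p onclick="x()">Vintage lamp</p><script>[][(![]+[])[+[]]]</script>'
          '<a href="https://example.com/pics">photos</a>')

def keyword_scan_flags(listing_html):
    """Denylist approach: True only if a known keyword appears in the text."""
    return bool(DENYLIST.search(listing_html))

class AllowListSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.skip_depth = 0  # > 0 while inside <script> or <style>

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self.skip_depth += 1
            return
        if self.skip_depth or tag not in ALLOWED_TAGS:
            return
        # Keep only allow-listed attributes whose value is an http(s) URL.
        kept = [(k, v) for k, v in attrs
                if k in ALLOWED_ATTRS.get(tag, ()) and v and SAFE_URL.match(v)]
        attr_text = "".join(' %s="%s"' % (k, escape(v)) for k, v in kept)
        self.out.append("<%s%s>" % (tag, attr_text))

    def handle_endtag(self, tag):
        if tag in ("script", "style"):
            self.skip_depth = max(0, self.skip_depth - 1)
        elif not self.skip_depth and tag in ALLOWED_TAGS and tag != "br":
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        if not self.skip_depth:  # script/style bodies never reach the output
            self.out.append(escape(data))

def sanitize(listing_html):
    """Allow-list approach: rebuild the listing from permitted tags and text only."""
    parser = AllowListSanitizer()
    parser.feed(listing_html)
    parser.close()
    return "".join(parser.out)
```

In production this job belongs to a maintained sanitizer library backed by a Content-Security-Policy; the block only shows why the allow-list direction does not depend on recognising what a script does.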

------
jcr
There are a few previous discussions on JSFuck:

[https://news.ycombinator.com/item?id=3279078](https://news.ycombinator.com/item?id=3279078)

[https://news.ycombinator.com/item?id=6379732](https://news.ycombinator.com/item?id=6379732)

[https://news.ycombinator.com/item?id=9479834](https://news.ycombinator.com/item?id=9479834)

------
amar-singh
eBay's product quality is very good, but not its customer service. I never noticed
this before, like JS in the item description...

