Bugtraq mailing list archives
eBay password stealing with JavaScript
From: msanders () CONFUSION NET (Michael K. Sanders)
Date: Tue, 20 Apr 1999 20:30:46 -0600
Since 'e-commerce' was discussed recently and I didn't find this in the archives, may I direct your attention to: <URL:http://because-we-can.com/ebayla/default.htm> It will be interesting if eBay tries to 'filter' JavaScript from their listings to fix this.
Current thread:
- L0pht Security Advisory: Cold Fusion App Server, (continued)
- L0pht Security Advisory: Cold Fusion App Server Weld Pond (Apr 21)
- Re: Plain text passwords--necessary Densin Roy. (Apr 19)
- Re: Plain text passwords--necessary Daniel Alex Finkelstein (Apr 19)
- AOL Instant Messenger URL Crash Adam Brown (Apr 19)
- Re: AOL Instant Messenger URL Crash Daniel Reed (Apr 20)
- Shopping Carts exposing CC data Joe (Apr 19)
- Re: Shopping Carts exposing CC data Joe (Apr 20)
- Outlook 98 allows spoofing internal users Nate Lawson (Apr 20)
- Re: Outlook 98 allows spoofing internal users Peter van Dijk (Apr 25)
- Re: Shopping Carts exposing CC data Louis R. Marascio (Apr 20)
- eBay password stealing with JavaScript Michael K. Sanders (Apr 20)
- Re: eBay password stealing with JavaScript Paul Festa (Apr 21)
- Bug in Linux Mount Jacek Konieczny (Apr 20)
- Re: Bug in Linux Mount Meelis Roos (Apr 20)
- Re: Plain text passwords--necessary Tom Perrine (Apr 20)