eBay is working on a fix for a cross-site request forgery problem that could allow an attacker to change a user’s password and get access to that user s account. A new blended email threat appears to be a security alert from eBay, said researchers. The email message with the subject line eBay Procedural Warning Security Alert, is addressed to Dear eBay Member and warns recipients that the sender has detected security issues on behalf of your account
Source: https://threatpost.com/ebay-has-cross-site-forgery-flaw-021810/73562/