Check Point alerts eBay to an online sales platform vulnerability which allows cyber criminals to distribute phishing and malware campaigns. This vulnerability allows attackers to bypass eBays code validation and control the vulnerable code remotely to execute malicious Java script code on targeted eBay users. Check Point disclosed details of the vulnerability to eBay on Dec 15, 2015, but eBay stated that they have no plans to fix the vulnerability. The exploit Demo Demo is still live and the exploit demo is still available on eBay’s website.”]
Source: https://blog.checkpoint.com/2016/02/02/ebay-platform-exposed-to-severe-vulnerability/