Wednesday, April 2, 2014

eBay ProStores vulnerability related to credit cards took more than a month to fix.


Is that the fastest turnaround time, particularly when the flaw was detected by an outsider?

According to the article:

Mark Litchfield, an infosec pro at Securatary, told us he discovered a flaw in eBay-owned ProStores that not only opened the door to store account hijackers, but also leaked "full access to all their customers PII [Personally identifiable information] as well as their full credit information in clear text."

"Like the gostorego vulnerability (also eBay), we could shop for free by giving ourselves store credit or gift cards or created our own orders for free," Litchfield told The Reg.

Securatary said it had reported the problem to eBay on 11 February but it was only fixed on 20 March. 

The link below has more information:
