News

eBay Fixes Security Gap In Magento eCommerce Platform

It's not the first time eBay has had to patch security holes on its eCommerce platform, Magento, but the online marketplace company has once again cleaned up vulnerabilities that could have provided hackers the opportunity to steal data.

This time around, three security vulnerabilities were discovered by Vulnerability Lab's Security Researcher Hadji Samir, according to a ZDnet report, which identified the security flaws that were used on the platform eBay uses to enable online shopping and transactions. The researcher deemed the vulnerabilities to be "medium" flaws, the report said.

Magento, which is used and owned by eBay, is an eCommerce software and platform used by many leading brands.

Among the three security vulnerabilities includes a CSRF flaw, which allows hackers to conduct "client-side account theft by hijacking, client-side phishing, client-side external redirects and the non-persistent manipulation of affected or connected service modules," Samir said.

Data released in April by Check Point Software Technology showed that there may have been a “massive vulnerability” in the Magento eCommerce Platform that could have a significant impact on the security of the eCommerce Market. eBay had fixed the flaw before it was publicly reported on, but that didn't stop the research group from reporting on the impact of that security flaw.

In April, Check Point said that their Malware and Vulnerability Research Group discovered gaps in eBay’s Magento eCommerce platform that could impact as many as 200,000 online shops.

“As online shopping continues to overpower in-store shopping, eCommerce sites are increasingly targeted by hackers as they have become a gold mine for credit card information,” said Shahar Tal, Malware and Vulnerability Research Manager at Check Point Software Technologies. “The vulnerability we uncovered represents a significant threat not to just one store, but to all of the retail brands that use the Magento platform for their online stores – which represents about 30 percent of the eCommerce market.”

To check out what else is HOT in the world of payments, click here.

——————————

LIVE PYMNTS TV OCTOBER SERIES: POWERING THE DIGITAL SHIFT – B2B PAYMENTS 2021 

Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.

1 Comment

TRENDING RIGHT NOW