According to the source, clicking on some listings automatically redirected users to the harmful websites. eBay removed several posts and declared it was an isolated incident.
But the BBC has since found several listings, from multiple users, exploiting the same vulnerability. Furthermore, several readers contacted the BBC detailing complaints they had made to the website.
In each case, it appears cross-site scripting (XSS) has been used to hijack the users browsing, placed in the listings page using Javascript.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the The Paypers website, they in no way represent the opinion of The Paypers.