The following is my report on a serious vulnerability which I had discovered on eBay.com, for which I was also awarded a place in the eBay Hall of Fame.
---Following is the email which I had sent to the eBay Security Team---
Vulnerability Type: Non-Persistent XSS
Vulnerability Reproduction Steps (POC):
1. Visit the Scope URL as mentioned above.
2. Enter the following payload in the search field: "]};; <script>alert("XSS-By-Ak" )</script>
3. After the search, our URL becomes the same as the POC URL, which delivers the XSS alert payload "XSS-By-Ak".
System Details: Firefox 41 on Windows 8.1
Let me know if you require any other information; I will be happy to assist.
Regards
Amit Kumar (Ak)
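The report does not say where the search term lands in the response, so this added example (not part of the original email and not eBay's code) assumes it is reflected in both an HTML heading and an inline script data object. It puts the unencoded rendering next to one that encodes for each context; all function names and the page markup are hypothetical.

```javascript
// Added example: context-aware output encoding for a reflected search term.
// The markup and every function name here are hypothetical.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// HTML body or attribute context: neutralise markup characters.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Inline <script> context: JSON.stringify escapes quotes and backslashes, but
// not "<", ">", "&" or U+2028/U+2029, so those are emitted as \uXXXX escapes.
function jsonForScript(value) {
  return JSON.stringify(value).replace(/[<>&\u2028\u2029]/g,
    (ch) => '\\u' + ch.charCodeAt(0).toString(16).padStart(4, '0'));
}

// Vulnerable rendering: the term is concatenated into both contexts unencoded.
function renderSearchPageUnsafe(term) {
  return '<h1>Results for ' + term + '</h1>\n' +
         '<script>var page = {"terms": ["' + term + '"]};</script>';
}

// Hardened rendering: each sink gets the encoder that matches its context.
function renderSearchPage(term) {
  return '<h1>Results for ' + escapeHtml(term) + '</h1>\n' +
         '<script>var page = ' + jsonForScript({ terms: [term] }) + ';</script>';
}

// Counts "<script" openings in the output; the template itself contributes one.
function countScriptTags(html) {
  return (html.match(/<script\b/gi) || []).length;
}

// Recovers the data object from the hardened page to show the term survives intact.
function extractPageData(html) {
  const match = html.match(/var page = (.*);<\/script>/);
  return match ? JSON.parse(match[1]) : null;
}

// Constructed input: the search string from step 2 of the report.
const reported = '"]};; <script>alert("XSS-By-Ak" )</script>';

console.log('unsafe script tags:', countScriptTags(renderSearchPageUnsafe(reported)));
console.log('hardened script tags:', countScriptTags(renderSearchPage(reported)));
```

The hardened page still shows and stores the exact string the user typed; only its representation in each context changes.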