Attackers for months have been using eBay listings to redirect visitors to password-harvesting scam sites. They use cross-site scripting to hijack shoppers and trick them into handing over personal data. Smartphones, televisions, hot tubs and clothing are among the items supposedly for sale in listings infected with malicious Javascript code. eBay reportedly has been slow to address the issue.
More: continued here
