Alibaba says it is doing all it can to keep on top of security issues that affect its ecommerce merchants, after a published report noted that an Israeli firm found a security flaw in AliExpress, the company’s English language ecommerce site.
According to the report in PC World, a researcher from online security firm AppSec Labs in late October found a vulnerability that could allow an attacker to hijack a merchant’s account on AliExpress. AppSec’s founder Erez Metula said a hacker could have done things like alter product prices, delete goods and even close the merchant’s site by exploiting the vulnerability.
“We are aware of the issue and took immediate steps to assess and remedy the situation,” said Candice Huang, manager of International Corporate Affairs for Alibaba Group. “We have already closed the potential vulnerability and we will continue to closely monitor the situation. The security and privacy of our customers is our highest priority and we will do everything we can to continue to ensure a secure trading environment on our platforms.”
Metula told PC World the security flaw was a common one that “every security tester would check for” when reviewing a website for vulnerabilities.
AliExpress serves various foreign markets including the U.S., Russia and Brazil.