Israeli researchers find flaw in Alibaba site, say shoppers' security could be compromised

NEWYou can now listen to Fox News articles!

Israeli security researchers say that personal information of millions of Alibaba users may have been exposed through flaws on the e-commerce giant's platform.

AppSec Labs says a pair of weaknesses it discovered in the Chinese e-commerce site's code could have allowed hackers to hijack merchant accounts.

"If I want to buy a $600 phone, I can change the price to a dollar and buy it," said AppSec founder Erez Metula. "I can see what people have bought, I can change the shipping address so things can be sent to me instead."

Metula said one of the flaws was discovered by a 21-year-old employee.

He says there is no indication that any user data was compromised.

Alibaba spokeswoman Molly Morgan said Tuesday that "potential vulnerabilities" flagged by AppSec had been fixed.