The spoof website then asked for the users' eBay usernames and passwords. The technique used to hack the website is known as cross-site scripting ( XSS ) and is one of the top 10 vulnerabilities that website owners should be concerned about, reported the BBC.
The report said that the U.S.-based firm was alerted about the hack on Wednesday night but the malicious listings were removed more than 12 hours later.
The fake page that the users landed on after clicking some of the links had the potential to carry out further malicious actions.
A spokesperson for eBay downplayed the scope of the attack.