A security flaw in AliExpress, Alibaba’s international marketplace, could expose customer data and put merchants at risk.
AppSec Labs, an Israeli application security firm, found the flaw in AliExpress which helps Chinese merchants sell their products to overseas customers.
The flaw could allow hackers to get into merchant’s online shop and tweak product prices, alter shipments or shut down the shop itself.
It also added that hackers could also expose details about product orders and shipping address, which could put customers in a vulnerable spot.
The Wall Street Journal reported Alibaba’s email statement as saying: "We are aware of the issue and took immediate steps to assess and remedy the situation."
"We have already closed the potential vulnerability and we will continue to closely monitor the situation."
"The security and privacy of our customers is our highest priority and we will do everything we can to continue to ensure a secure trading environment on our platforms."
AppSec founder Erez Metula said that the vulnerability mostly affected merchants, with credit card details immune to the flaw.
The Chinese e-commerce giant said that it was unaware about the existence of such a problem and has not received any reports about problems that might have occurred to merchants or customers in regards to the security issue.
AliExpress, which is reportedly a small part of Alibaba’s business, earns most of its revenue from the company’s online marketplaces Taobao and Tmall.
AppSec also added that it was unaware of any issues with Tmall and Taobao as it has not investigated the websites.
