Massive security flaw in Alibaba marketplace

Alibaba Group Holdings Ltd.
Chance Chan | Reuters

A major security flaw in an Alibaba marketplace exposed millions to hackers, according to an Israeli research firm.

AliExpress, which allows international consumers to buy goods from Chinese merchants, had a flaw that would have allowed someone to alter others' orders or access their personal and banking details, according to security firm AppSec Labs. Alibaba told the Wall Street Journal that it had fixed the problem.

"We would describe this as critical as it can affect any merchant," AppSec founder Erez Metulasaid told the Journal. "Since this is a high-profile site like Alibaba, there are lots of shops there and people using it are also connected to other systems." Credit card details, however, were not exposed by the flaw, he said.

Read MoreAlibaba should not have been allowed to list in US: Cuban

Alibaba told the paper that the company has closed the AliExpress vulnerability, and that the company was not aware of similar security problems on its other marketplaces.

The problems were first reported by Israel's Channel 10 TV, according to BuzzFeed.

For more on the Alibaba security flaw, read the post from the Wall Street Journal.