devitry.com

Tech in the country. Programming & Technology inovations.

Saturday, May 30, 2009

Fresh Cross Site Scripting (XSS) vulnerablities..

I've updated my Banking security page with some new details on current security vulnerabilities and dumb security mistakes that top banking sites make. Included in this list is a 3 year old session bug in HSBC and XSS bugs in ING Direct and US Bank. It's really hard to believe that sites that must spend millions on security don't handle some of the most basic (and old) online security bugs.

Labels: , , , ,