[Full-disclosure] Phishmarket #2 (IFrame Spoofing/XSS on Austrian bank sites)
skyout at gmx.net
skyout at gmx.net
Fri Feb 16 16:26:52 GMT 2007
Dear Sir or Madam,
I want to point your attention to a new list, that shows up to 40 (!)
vulnerabilities on Bank sites of Austria and proves another time
how insecure online banking still is. The list is publicly available under:
------------------------------------------------------------
http://baseportal.com/baseportal/phishmarkt/at
------------------------------------------------------------
To every page a demo is provided, that shows how to trigger the
mostly IFrame Spoofing and XSS vulnerabilities on the page.
I would appreciate you taking a look at the list and spreading the
link to make those sites react quickly and fix the problem.
SkyOut
Full-Disclosure is hosted and sponsored by Secunia.