new icn messageflickr-free-ic3d pan white
Sampo Online Bank XSS security hole exploited | by roxeteer
Back to photostream

Sampo Online Bank XSS security hole exploited

On the next day after its launch, a cross-site scripting (XSS) security hole was discovered in Sampo Online Bank. In this screenshot, the security hole is exploited by displaying Nordea Online Bank login screen in sampopankki.fi domain.

 

Try it yourself before it gets fixed: tinyurl.com/2wqzhw

9,392 views
1 fave
6 comments
Uploaded on March 26, 2008