Join the Community

22,425

Expert opinions

44,451

Total members

441

New members (last 30 days)

165

New opinions (last 30 days)

28,834

Total comments

Join Sign in

RBS fix vulnerability in WorldPay site

21 May 2008 Be the first to comment

Retired member

Interesting read on The Register about a cross site scripting bug on Worldpay. Then a lot of comment about whether it was fixed quickly enough!

Amateur security sleuth Adam Grit spotted the loophole last month and found it allowed him to inject custom javascript code. He could then intercept all the sensitive information that users had typed onto a Worldpay payment page.

He tested it on their live site and confirmed it worked - and then emailed them the details of the problem. He apparently got no response.

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

2983

Report

Channels

/security

Comments: (0)

More expert opinions

Steve Morgan Banking Industry Market Lead at Pegasystems

The Road Ahead For AI In Banking

2 hours

Jeremy Light Co-founder at Fourdotzero

National Payment Visions and Strategies

3 hours

Kajal Kashyap Business Development Executive at Itio Innovex Pvt. Ltd.

The Growing Importance of White-Label Payment Gateways in the Digital Payment Ecosystem

4 hours

Konstantin Rabin Head of Marketing at Kontomatik

BIT Mining Expands Crypto Operations in Ethiopia with $2.26M Acquisition of Data Centers

5 hours

See all opinions