17 July 2018
Peter Roberts

Peter's lo-fi ramblings

Peter Roberts - UCL

224Posts 722,188Views 139Comments

RBS fix vulnerability in WorldPay site

21 May 2008  |  2661 views  |  0

Interesting read on The Register about a cross site scripting bug on Worldpay. Then a lot of comment about whether it was fixed quickly enough!

Amateur security sleuth Adam Grit spotted the loophole last month and found it allowed him to inject custom javascript code. He could then intercept all the sensitive information that users had typed onto a Worldpay payment page.

He tested it on their live site and confirmed it worked - and then emailed them the details of the problem. He apparently got no response.

TagsSecurity

Comments: (0)

Comment on this story (membership required)

Latest posts from Peter

ATM? No mate, it's a cutting edge work of art

20 August 2010  |  5373 views  |  0 comments | recomends Recommends 1 GroupWhatever...

German robbers blow up bank

26 May 2010  |  4825 views  |  1 comments | recomends Recommends 0 GroupWhatever...

Hacking your bank with the help of social networks...

29 April 2010  |  5262 views  |  0 comments | recomends Recommends 0 TagsSecurity

Britons tech knowledge a little lacking?

15 January 2010  |  4786 views  |  1 comments | recomends Recommends 0 GroupWhatever...

Is it just me or has online banking got worse?

04 January 2010  |  5436 views  |  5 comments | recomends Recommends 0 Tags

Peter's profile

job title Moodle support
location London
member since 2008
Summary profile See full profile »
I was the technical lead on the Finextra family of web sites from 1999 to 2009. I'm at UCL these days supporting Moodle.

Peter's expertise

Member since 2006
224 posts139 comments

Who's commenting on Peter's posts