26 September 2017
Peter Roberts

Peter's lo-fi ramblings

Peter Roberts - UCL

224Posts 700,216Views 139Comments

RBS fix vulnerability in WorldPay site

21 May 2008  |  2592 views  |  0

Interesting read on The Register about a cross site scripting bug on Worldpay. Then a lot of comment about whether it was fixed quickly enough!

Amateur security sleuth Adam Grit spotted the loophole last month and found it allowed him to inject custom javascript code. He could then intercept all the sensitive information that users had typed onto a Worldpay payment page.

He tested it on their live site and confirmed it worked - and then emailed them the details of the problem. He apparently got no response.

TagsSecurity

Comments: (0)

Comment on this story (membership required)

Latest posts from Peter

ATM? No mate, it's a cutting edge work of art

20 August 2010  |  5146 views  |  0 comments | recomends Recommends 1 GroupWhatever...

German robbers blow up bank

26 May 2010  |  4641 views  |  1 comments | recomends Recommends 0 GroupWhatever...

Hacking your bank with the help of social networks...

29 April 2010  |  5087 views  |  0 comments | recomends Recommends 0 TagsSecurity

Britons tech knowledge a little lacking?

15 January 2010  |  4578 views  |  1 comments | recomends Recommends 0 GroupWhatever...

Is it just me or has online banking got worse?

04 January 2010  |  5249 views  |  5 comments | recomends Recommends 0 Tags

Peter's profile

job title Moodle support
location London
member since 2008
Summary profile See full profile »
I was the technical lead on the Finextra family of web sites from 1999 to 2009. I'm at UCL these days supporting Moodle.

Peter's expertise

Member since 2006
224 posts139 comments

Who's commenting on Peter's posts