Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories ยป

Channels

Security
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

RBS fix vulnerability in WorldPay site

Interesting read on The Register about a cross site scripting bug on Worldpay. Then a lot of comment about whether it was fixed quickly enough!

Amateur security sleuth Adam Grit spotted the loophole last month and found it allowed him to inject custom javascript code. He could then intercept all the sensitive information that users had typed onto a Worldpay payment page.

He tested it on their live site and confirmed it worked - and then emailed them the details of the problem. He apparently got no response.

2918

Channels

Security
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (0)

Join the discussion

Member since

0

Location

0

More from member

Community
See all blogs »
 

Cybersecurity is Essential for Risk Management: Optimizing Security Spend Cloud-Native Platforms

Kevin Eley

Kevin Eley

Digital Banking 

How to build secure banking apps and digital wallets

Pavlo Farb

Pavlo Farb

 

The Art of Data Privacy

Dennis Buckly

Dennis Buckly

Payments strategies 2015-2020-2030 

Merchant Disputes Unveiled: How Card Protections Measure Up Against A2A Payments

Fatemeh Nikayin

Fatemeh Nikayin

Now hiring

See more