Two critical XSS bugs on Barclays bank website

Written by DP

Sunday, 3 May 2009

Security researcher Pierre Gardenat has recently discovered two critical cross-site scripting bugs on

Barclays is one of the most respected banks in the world, trusted by millions of people to take good care of their money.

Therefore, malicious people can exploit these XSS vulnerabilities to conduct phishing attacks against Barclay's customers and also to infect them with crimeware.

Barclays bank has been XSSed in the past:

XSS: XSS by Pierre Gardenat XSS by Pierre Gardenat XSS by XSS by mox XSS by TreX XSS by Skyr3x XSS by CCC XSS by PanterA

Barclays XSS vulnerability comes handy for scammers and blackhat hackers

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.