[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] XSS at Citibank.co.uk

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] XSS at Citibank.co.uk
From: Andrew Smtih <andrew.rse@xxxxxxxxx>
Date: Sat, 13 Aug 2005 15:38:40 +0100

Hi Full-Disclosure,
I'm here to report an XSS vulnerability in one of Citibank's websites.
I actually found this at a log in screen, but it's on an obscure sub domain 
so I don't beleive that much cookie stealing can be done from it.
Phishing, however, oh good lord yes. The phishing possbilities for this XSS 
vulnerability are immense (did I mention the site was SSL'd?).

Anyway, I informed citibank through e-mail (no response), posted it on my 
blog (no response, no fix..) and now I'll post it here.
I've had luck on FD in contacting BankOfAmerica employees in the past, so 
maybe there are a few Citibank admins listening? Let's hope so.

Here's the URL:

https://cukehb4.cd.citibank.co.uk/CappWebApp/capp/action/lang.do?languagecode=1&countrycode=<HTML
GOES HERE>&servicecode=signon&TS=1119807930296

And here's an outline (+screenshot) for if/when they fix it:

http://wheresthebeef.co.uk/show.php/xss/citibank.co.uk.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] XSS at Citibank.co.uk
  - From: Jim Duncan

Prev by Date: RE: [Full-disclosure] bash vulnerability?
Next by Date: Re: [Full-disclosure] bash vulnerability?
Previous by thread: RE: [Full-disclosure] bash vulnerability?
Next by thread: Re: [Full-disclosure] XSS at Citibank.co.uk
Index(es):
- Date
- Thread