1. Cross-site scripting (reflected)
Severity: | High |
Confidence: | Certain |
Host: | http://www.ing.com |
Path: | /Ons-Bedrijf/Over-ons |
GET /Ons-Bedrijf/Over-ons Host: www.ing.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Date: Thu, 29 Dec 2011 16:03:07 GMT Last-Modified: Thu, 29 Dec 2011 16:03:07 GMT Cache-Control: private, must-revalidate Expires: Wed, 16 Aug 2000 10:00:00 GMT Content-Type: text/html;charset=utf-8 Connection: close Content-Length: 71316 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <!-- ...[SNIP]... <a href="http://twitter.com ...[SNIP]... |