SecurityRatty: Mastercard.com NOT PCI Compliant

Desktop
Mobile
WAP

Widgets
Home

This is cache of http://feeds.feedburner.com/~r/GrumpySecurityGuy/~3/211700630/. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.

Mastercard.com NOT PCI Compliant

2008-01-05 17:40:33 by Bill in Grumpy Security Guy

Someone has found an XSS vulnerability on mastercard.com. The place it was found, the search function, is a notorious location for XSS vulnerabilities. The XSS payload that triggers the vulnerability leads me to believe that there was a fair amount of filtering going on but I guess not enough.

Who does Mastercard pay PCI penalties to?

Related Posts

PCI Sets the Ceiling Not the Floor
I was somewhat surprised to read this post from RSnake about how good PCI is for business. I have to...

Post from: Grumpy Security Guy

Mastercard.com NOT PCI Compliant

Tags: pci, pci penalties, pci compliant, mastercard, pci sets, grumpy security guy, post, notorious location, xss vulnerabilities

BROWSE CATEGORIES

Expand / Minimize

TOP SEARCH

Expand / Minimize

RECENT SEARCH

Expand / Minimize

RELATED VIDEO

Expand / Minimize

SecurityRatty FAQ

Amazon.com Widgets

Creative Commons License

Copyright © 2007 iRatty Ltd. Some rights reserved. iRatty's logo, trademarks and other marks that appear throughout this Web site, network, its affiliates, or any third party trademark owners, and are protected by U.S. and international trademark laws. You are prohibited from using any of the marks appearing throughout this Web site without express written consent from the respective trademark owner except as permitted by applicable laws. This network is also under protection of The Digital Millennium Copyright Act.