WHID 2007-32: XSS vulnerability on various German online banking sites

I seldom add disclosures anymore to WHID, even less XSS disclosures, but since this time they were discovered in banking sites, I thought it was worth it. After all, too many times people think that application vulnerabilities are found only at less "serious" or less "important" web sites where no real damage can occur.

Additional information:

• XSS vulnerability on various german online banking sites [Full Disclosure, May 17 2007]