Link to the Italian language blog entry: http://www.andreagiuliani.com/2006/12/04/vulnerabilita-su-sito-american-express-possibile-attacco-phishing/
Google Translate gives the following result: "In a serveur of American Express a script resides jsp that it allows redirect to one the external page also to the dominion of americanexpress.com. Practically a URL of this type:" The researcher Andrea Giuliani, 16 years old geek from Italy, has contacted credit card giant about the flaw. Sample links here: http://vincenzoampolo.nanofreesoft.org/?p=46 - Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
