XSS bugs on the websites of the world's largest payment/credit-card proccessors are unacceptable. Most of the world's financial institutions issue a Visa or a MasterCard to consumers. Even if their vulnerable sites do not hold real personal or financial information about consumers, malicious people can still leverage the XSS bugs with phishing
Via "xssed"
