Definitely Secure Bank® returns, this time with a big Cross-Site Scripting (XSS) vulnerability:

To get in character, let’s have you open up your online banking portal and look around. Click here to open Definitely Secure Bank’s website and login. Use any username and any password you want (don’t worry - it’s definitely secure). Keep that tab open for the rest of this post.

Victor is killing it with this Web Security 101 series.