"An extremely convincing phishing attack is using a cross-site scripting
vulnerability on an Italian Bank's own website to attempt to steal
customers' bank account details. Fraudsters are currently sending
phishing mails which use a specially-crafted URL to inject a modified
login form onto the bank's login page.
The vulnerable page is served over SSL with a bona fide SSL
certificate issued to Banca Fideuram S.p.A. in Italy. Nonetheless, the
fraudsters have been able to inject an IFRAME onto the login page which
loads a modified login form from a web server hosted in Taiwan. "
Good real life example of XSS being used.
Article Link: http://news.netcraft.com/archives/2008/01/08/italian_banks_xss_opportunity_seized_by_fraudsters.html
