Vodafone XSS

The guys from NovuSec discovered a really interesting XSS vulnerability: link.

Another possibility would be to e.g. include an iframe with a phishing form: http://tinyurl.com/yed48zy

Of course I would never do that. I just share this information for educational purposes :).