A grey hat hacker has discovered cross-site scripting holes in 25 UK online stores that are certified as safe by the likes of VeriSign, Visa, and MasterCard. XSS holes were found by a hacker named Freedom who in the past has identified other such vulnerabilities in some important websites XSS vulnerabilities allow a wide spectrum of attack. These can include intercepting session cookies to steal sensitive information, including authentication credentials or billing info without the victims knowledge, or posting of malicious payloads to a social network.”]
Source: https://nakedsecurity.sophos.com/2012/02/28/verisign-xss-holes/