Indian Jewellery Store’s web version www.Tanishq.co.in contains large number of vulnerabilities that may expose sensitive customer data. Until the vulnerability is fixed, Visitors must not buy anything from the Tanishq’s website.
A security researcher has revealed and demonstrated that Official Tanishq’s website contains severe vulnerabilities like Cross site Scripting [XSS], Iframe injection and some other flaws and it could severely affect the visitors data who wants to purchase an Item from the store.
The ridiculous thing is Tanishq was contacted by the security researchers a month ago but still the researchers are eagerly waiting for the response.
Tanishq is a division of Titan Industries Limited, a company promoted by the Tata Group is not expected to be so careless about the sensitive data of its online visitors. As far as I’m concerned, This incident will definitely discourage me to buy anything from a private website and also this incident has raised a question mark on all the popular shopping websites because we don’t know whether they are vulnerable or not.