![The Hackers Mediaâ„¢ [ THM ]](http://3.bp.blogspot.com/-gN-J3rIaqUY/UDSb1nP-CDI/AAAAAAAAAwA/dBFQ8ATcUyQ/s1600/updaate%2B111.png)
Yahoo! Advertising Service has is vulnerable to cross-site scripting security bugs, discovered by Soumyodeep Mondal. Vulnerability is yet unfixed and exploitable using a simple payload as shown in screenshot. There is a demo video also available to show Proof of concept. Back in January, Yahoo! said that it had fixed a cross-site scripting (XSS) vulnerability in its webmail service which was blamed for a spate of account hijackings. The compromised accounts were used to send spam. Also The Yahoo! blog was vulnerable to XSS attacks because it utilized an outdated version of WordPress.
Categories:
XSS
,
XSS Attacks
,
Yahoo
0 comments:
Post a Comment