Yahoo! Advertising Service has is vulnerable to cross-site scripting security bugs, discovered by Soumyodeep Mondal. Vulnerability is yet unfixed and exploitable using a simple payload as shown in screenshot. There is a demo video also available to show Proof of concept. Back in January, Yahoo! said that it had fixed a cross-site scripting (XSS) vulnerability in its webmail service which was blamed for a spate of account hijackings. The compromised accounts were used to send spam. Also The Yahoo! blog was vulnerable to XSS attacks because it utilized an outdated version of WordPress.
0 comments:
Post a Comment
WELLCOME MY WEB
Click to see the code!
To insert emoticon you must added at least one space before the code.