« PAPER: Preventing Http Session Fixation Attacks | Main | Rootkits, cybercrime and OneCare By TheRegister »

Yahoo Cross Site Scripting Vulnerability Discovered

A posting to the Full Disclosure mailing list claims an unpatched Cross Site Scripting vulnerability in Yahoo!'s mail with example script code. Quoting the author

"i didnt contact yahoo, because i contacted them previously regarding a similar vulnerability, and yes they fixed it "silently" without even sending me a thank you email, frankly i didnt really appreciate that."

Oh and Happy Holidays.

Mailing List Post Link: Yahoo mail Cross Site Scripting vulnerability (Mail Posting)

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!