Code104 News: XSS vulnerability reported in Yahoo subdomain website

Home
Hackers
Security News
Defacements
Vulnerability
Cyber-Crime
Our Friends

Tuesday, 10 January 2012

XSS vulnerability reported in Yahoo subdomain website

Posted by Code104 Reporter Labels: Cyber News, Hacker News, Hackers, Indian Hackers, News, Security News, Vulnerability, XSS on , | Comments

Vansh Sharma & Vaibhuv Sharma from India Reported another important Cross site scripting XSS vulnerability in Yahoo subdomain as shown.

Vulnerable Link : http://au.tv.yahoo.com/plus7/royal-pains/
Proof of Concept : Search <img src="<img src=search"/onerror=alert("XSS")//"> in box.

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications that enables attackers to inject client-side script into Web pages viewed by other users.

Subscribe to: Post Comments (Atom)

About Us !

This Blog is Maintained by Team "Code104" a.k.a League of Assasins to provide cyber news to the world in a better manner ! You can also submit news by e-mailing the brief info about your defacements ! at [news.code104@gmail.com]