XSS vulnerability reported in Yahoo subdomain website

0
62

XSS vulnerability reported in Yahoo subdomain website

Vansh Sharma & Vaibhuv Sharma from India Reported another important Cross site scripting XSS vulnerability in Yahoo subdomain as shown.

Vulnerable Link : http://au.tv.yahoo.com/plus7/royal-pains/
Proof of Concept : Search <img src=”<img src=search”/onerror=alert(“XSS”)//”> in box.
<!– adsense –>
Cross-site scripting (XSS) is a type of

Source: XSS vulnerability reported in Yahoo subdomain website