Yahoo Mail Users Account at Risk

Yahoo mail XSSFew days back, a security researcher has found DOM based Cross site scripting (XSS) vulnerability i Yahoo that can be used to hijack users yahoo mail accounts. Within few hours, company started working on the fix and then claimed to fix the security hole. But researchers have found that vulnerability still exists and the patch by the company was not effective.

Security researcher Shahin Ramezany has managed to exploit the XSS on the same place again after company claimed to patch the vulnerability. He showed how attackers can convince the victim to click on a link with malicious code and then give up the account.

Yahoo officials has nothing to say about this after the vulnerability has been reproduced. But I am advising all readers not to click on any kind of suspicious links coming in the emails.

Here is the POC of the vulnerability and attack. See the demo video:

Share this article
Shareable URL
Prev Post

LinkedIn Hits 200 Million users

Next Post

Facebook Announced Facebook Hacker cup 2013

Leave a Reply
Read next
Subscribe to our newsletter
Get notified of the best deals on our WordPress themes.
0
Share