XSS,, Cross Site Scripting, Javascript Injection, CWE-79, CAPEC-86, PoC, Resolved

PoC Summary The Mortgage Calculator in was vulnerable to Reflected Cross Site Scripting (RXSS) in multiple parameters. Reported to Y! Security in October 2013 and more recently resolved, this PoC was outside the Scope of the Y! Bug Bounty Program.  Y! Bug Bounty Scope XSS in The domains and properties below are in […]