Category: homes.yahoo.net

XSS, homes.yahoo.net, Cross Site Scripting, Javascript Injection, CWE-79, CAPEC-86, PoC, Resolved

PoC Summary The Mortgage Calculator in homes.yahoo.net was vulnerable to Reflected Cross Site Scripting (RXSS) in multiple parameters. Reported to Y! Security in October 2013 and more recently resolved, this PoC was outside the Scope of the Y! Bug Bounty Program.  Y! Bug Bounty Scope XSS in homes.yahoo.net The domains and properties below are in […]