Security researcher Nemessis, has submitted on 04/10/2007 a cross-site-scripting (XSS) vulnerability affecting wizards.yahoo.com, which at the time of submission ranked 1 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 04/10/2007. It is currently fixed. |
Date submitted: 04/10/2007 |
Date published: 04/10/2007 |
Date fixed: 29/11/2007 | Status: FIXED |
Author: Nemessis |
Domain: wizards.yahoo.com |
Category: XSS |
Pagerank: 1 |
URL: http://wizards.yahoo.com/members/tools/publishing/wizards/server/popup/image?_wizard=-//Yahoo//Wizar ds//AboutMe&_stylesheet=-//Yahoo//Stylesheets//Wizards//Core&_domain=us.z&_whose=ours&image=javascri pt:document.write('aa')&imgwidth=180&imgheight=180&_filestore=geocities';</script><script>alert(1)</ script> |
Click here to view the mirror
|
|
|