The Latest in IT Security

Expert Finds RCE Flaw in Yahoo After Logging in with “Admin/Admin” Credentials

19
Mar
2014

Security researcher Behrouz Sadeghipour has identified a number of vulnerabilities on a Hong Kong subdomain of Yahoo (hk.yahoo.net). Fortunately, Yahoo has rushed to address the security holes reported by the expert.

According to Sadeghipour, he came across the vulnerabilities while analyzing a cross-site scripting (XSS) issue. While looking at the HTTP headers, he came across an administrator login page for the hk.yahoo.net domain.

He simply tried to log in with the …

Comments are closed.

Categories

MONDAY, SEPTEMBER 25, 2017

Featured

Archives

Latest Comments

Social Networks