湛天雲海碧波影

湛天
雲海
碧波影

白帽子计算机安全:

Yahoo Yahoo.com Open Redirect Security Vulnerabilities


Vulnerability Description:

Yahoo.com is vulnerable to Open Redirect attacks.


The vulnerabilities occurs at "ard.sp1.yahoo.com" pages with "R" parameter.


Use one of webpages for the following tests. The webpage address is "http://diebiyi.com/articles". Suppose that this webpage is malicious.

 


Poc Video:

https://www.youtube.com/watch?v=k4eFLsTyZkg

 




Reported by:

Wang Jing, School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore

http://www.tetraph.com/wangjing







Blog Details:

http://securityrelated.blogspot.sg/2014/12/yahoo-yahoocom-open-redirect-security.html




评论
热度 ( 17 )
TOP