MOSEB-02: Vulnerability at

18:36 02.06.2007

Next participant of the project is Yahoo search engine. It is 2nd of the top search engines in world.

The vulnerability is in Image Search of Yahoo! Search ( This Cross-Site Scripting hole I found 08.04.2007.


The vulnerability is in rcurl parameter:

Moral: searching for images can be dangerous.

2 відповідей на “MOSEB-02: Vulnerability at”

  1. dasickis каже:

    I think this has been patched.

  2. MustLive каже:

    Yes, dasickis, it was patched alredy. I also rechecked this hole today and found that it has been fixed.

    Well done, Yahoo. You was not so lazy and found time for fixing. Keep watching guys, I’ll mention Yahoo some more during the month.

Leave a Reply

You must be logged in to post a comment.