sensi Posted February 8, 2014 Report Posted February 8, 2014 (edited) • Exploit: *.yahoo.com - Cross Site Scripting (reflected)• Author: sensi• Tested on: Mozilla Firefox• Status: Reported• PoC: http://iceimg.com/bkET8egQ/showoff.png Edited February 10, 2014 by sensi Quote
Melkachit Posted February 8, 2014 Report Posted February 8, 2014 Felicitari o sa primesti un tricou . Quote
Active Members dancezar Posted February 8, 2014 Active Members Report Posted February 8, 2014 (edited) Felicitari o sa primesti un tricou .falicitari esti prost este bug bounty ma anticulebravo sensi poti primi pana la 400-500$//sper ca l-ai raportat la hackerone Edited February 8, 2014 by danyweb09 Quote
sensi Posted February 8, 2014 Author Report Posted February 8, 2014 Multumesc! Si da, l-am raportat. Quote
b3hr0uz Posted February 10, 2014 Report Posted February 10, 2014 Hi,Can you publish the string you used for the xss?<i onmouseover=alert(1)> Quote
sensi Posted February 10, 2014 Author Report Posted February 10, 2014 Hi, I used "><img src=x onerror=prompt(1)> Quote
Htich Posted February 10, 2014 Report Posted February 10, 2014 Qualifying bugs will be rewarded based on severity. Our minimum reward is $250 USD, our maximum is $15,000 USD. Rewards are granted entirely at the discretion of Yahoo.Nu este rau de loc, bafta in ceea ce faci! Quote
sensi Posted February 10, 2014 Author Report Posted February 10, 2014 Mersi, am mai raportat si o vulnerabilitate de tip YQL, astept sa-mi raspunda Quote
b3hr0uz Posted February 10, 2014 Report Posted February 10, 2014 Thank you, sensi. I have reported a few myself. I am just trying to get in touch with other researchers and came across your post! Great work, man! I was lucky enough to find an on Yahoo! Send me your contact info, let's trade some information! Quote
Shelo Posted February 10, 2014 Report Posted February 10, 2014 Cine au facut site-urile de la Yahoo ... sunt vro 20 vulnerabilitati pe putin...Au fost incopetenti acum sa plateasca. Quote
