Yahoo Flaw Allowed Hackers to Read Anyone’s Emails

By [email protected] (Swati Khandelwal) Yahoo has patched a critical security vulnerability in its Mail service that could have allowed an attacker to spy on any Yahoo user’s inbox.

Jouko Pynnönen, a Finnish Security researcher from security firm Klikki Oy, reported a DOM based persistent XSS (Cross-Site Scripting) in Yahoo mail, which if exploited, allows an attacker to send emails embedded with malicious code.

In

Via:: Yahoo Flaw Allowed Hackers to Read Anyone’s Emails