The first of the three, a persistent script code-inject vulnerability disclosed, affected Yahoo’s Mail web app and API. To give researchers a new avenue to report vulnerabilities, companies such as Cloudflare and OpenSSL have also begun using the service over the last several months. To date, one has been paid through the HackerOne vulnerability disclosure program, a platform the company began using five months ago. The vulnerabilities in Yahoo Mail, Messenger and its Flickr photo-sharing site qualified for bounties from Yahoo. Yahoo recently patched three remotely exploitable vulnerabilities in its services that could have let attackers inject malicious script and led to session hijacking, phishing, among other nefarious tricks.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |