Bugtraq mailing list archives
Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger
From: Outlaw () aria-security net
Date: 27 Jan 2007 02:51:58 -0000
This Vulnerability works even when you put your script (<img src="javascript:alert('Executed from ' + top.location)" >) in nickname and you can insert HTML codes in Nickname and Lastname.
Current thread:
- Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger hainamluke (Jan 26)
- RE: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger Ahmed Sheipani (Jan 27)
- Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger 3B.Security Researcher (Jan 29)
- <Possible follow-ups>
- Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger Outlaw (Jan 27)
- RE: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger Ahmed Sheipani (Jan 27)