Tags

, , , , , , , , , , , , , , , , ,

雅虎日本公开重定向安全漏洞

Vulnerability Description:

Yahoo.co.jp is vulnerable to Open Redirect attacks.

The vulnerabilities occurs at “/yj-affiliate-entry?” page with “VIEW_URL” parameter.

Use one of webpages for the following tests. The webpage address is “http://www.inzeed.com/kaleidoscope“. Suppose that this webpage is malicious.

main_web_4

Poc Video:
http://v.youku.com/v_show/id_XODUxOTUxNDEy.html

Blog Details:
http://securityrelated.blogspot.com/2014/12/yahoo-yahoocojp-open-redirect-security.html

http://webtech.lofter.com/post/1cd3e0d3_4a51d74

Advertisements