Yahoo! XSS Flaw Endangers its Users

← Back to Stories (view on slashdot.org)

Yahoo! XSS Flaw Endangers its Users

Posted by CowboyNeal on Thursday June 14, 2007 @07:16PM from the ever-vigilant dept.

Rarely Greys writes "A major Yahoo XSS flaw makes it possible to take over any Yahoo user's account, including their mail, instant messaging, photos, etc. This is not a rare occurrence. So why aren't web sites doing more to protect their users? It's looking like most web developers don't even know or care about XSS."

7 of 157 comments (clear)

Talk about an exploit... by C10H14N2 · 2007-06-14 19:36 · Score: 1, Funny

What the hell are "Penis painted" bars? /Useless without pics
1. Re:Talk about an exploit... by superash · 2007-06-14 19:47 · Score: 3, Funny
  
  Don't act dumb. It is no longer cute.
2. Re:Talk about an exploit... by Anonymous Coward · 2007-06-14 22:52 · Score: 1, Funny
  
  For fucks sake.
  
  Please Oh Evil God Of Intenet Wankers, Memes and MySpace, let this meme die quickly.
XSS? by bar-agent · 2007-06-14 20:28 · Score: 2, Funny

What's XSS?

Eh, never mind. I don't really care.

--
i'd hit it so hard, if you pulled me out you'd be the king of britain [bash.org]
1. Re:XSS? by RuBLed · 2007-06-14 20:53 · Score: 1, Funny
  
  so do I... but what I really care about is that the blog lacks Cute Ponies 2.0 (tm)
Re:Why web developers don't care about XSS by Fireflymantis · 2007-06-14 21:02 · Score: 1, Funny

A link to the source document would probably have been a lot more helpfull. It's no longer cute to act dumb.
Re:Responsible disclosue? by Simon+Garlick · 2007-06-14 21:57 · Score: 2, Funny

You seem to have forgotten that this is Slashdot. Let me break it down for you.

Google = GOOD
Yahoo = BAD

You're welcome.

--

-----
PGP Key ID 0xCB8FF658