Yahoo Japan Open Redirect Security Vulnerability

Vulnerability Description:

Yahoo.co.jp is vulnerable to Open Redirect attacks.

The vulnerability occurs at the "/yj-affiliate-entry?" page, in the "VIEW_URL" parameter.

The following tests use a webpage whose address is "http://www.inzeed.com/kaleidoscope". Suppose that this webpage is malicious.
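On the server side, a parameter like "VIEW_URL" needs to be validated before it is used as a redirect target. The following is an added example, not code from the original post or from Yahoo: the allowlisted hosts, the fallback path and the function names are assumptions made for illustration.

```python
from urllib.parse import parse_qs, urlsplit

# Assumption: hosts this endpoint may legitimately redirect to (constructed list).
ALLOWED_HOSTS = {"yahoo.co.jp", "www.yahoo.co.jp"}
FALLBACK = "/"  # Assumption: safe landing page when the target is rejected.


def safe_redirect_target(view_url: str) -> str:
    """Return view_url only if it is a same-site path or an allowlisted host."""
    # Browsers treat "\" like "/" and drop tabs/newlines, so reject both outright.
    if not view_url or "\\" in view_url or any(
        ord(c) < 0x20 or ord(c) == 0x7F for c in view_url
    ):
        return FALLBACK
    try:
        parts = urlsplit(view_url)
    except ValueError:  # e.g. a malformed IPv6 literal
        return FALLBACK
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a rooted path, never "//host".
        ok = view_url.startswith("/") and not view_url.startswith("//")
        return view_url if ok else FALLBACK
    if parts.scheme not in ("http", "https"):
        return FALLBACK  # covers "//host" (empty scheme), javascript:, data:
    # .hostname drops userinfo and port, so "allowed@other" resolves to "other".
    host = (parts.hostname or "").lower()
    return view_url if host in ALLOWED_HOSTS else FALLBACK


def redirect_for_query(query_string: str) -> str:
    """Pick the redirect target for a raw query string carrying VIEW_URL."""
    values = parse_qs(query_string).get("VIEW_URL", [])
    # A repeated parameter is ambiguous between parsers; refuse it.
    return safe_redirect_target(values[0]) if len(values) == 1 else FALLBACK
```

The comparison is an exact match on the parsed hostname; substring or prefix checks on the raw string are what let look-alike hosts through.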


PoC Video:
http://v.youku.com/v_show/id_XODUxOTUxNDEy.html

Blog Details:
http://securityrelated.blogspot.com/2014/12/yahoo-yahoocojp-open-redirect-security.html

http://webtech.lofter.com/post/1cd3e0d3_4a51d74
