Security.allowDomain("*") in SWFs on img.autos.yahoo.com allows data theft from Yahoo Mail (and others)

Disclosed: 2015-08-14 20:07:44 By jordanmilne To yahoo

Unknown

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 1171
State: Closed
Substate: resolved
Upvotes: 4

Share this report