Read arbitrary ASCII files on YQL backend servers via XSLT unparsed-entity-uri() and parameter entities

Disclosed: 2024-05-15 22:55:47 By agarri_fr To yahoo

Unknown

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 19678
State: Closed
Substate: resolved
Upvotes: 35

Share this report