Vulnerability Type: Cross Site Scripting (XSS)
- Reported on 18-03-2014
- Fixed on 28-04-2014
I'm closing this report as the bug is no longer valid. It is possible it was fixed due a duplicate report or it was fixed with a product update.
Steps to reproduce:
Use any E-mail service that allow us to use special characters in 'Name' while sending an E-mail.
There are many out there but we will use Yandex as an example here. (You can also use- http://emkei.cz/)
1. Login to your Yandex Account (or Create New) and go to https://mail.yandex.com/neo2/#setup/sender
2. Set your name as:
" onmouseover=alert(0) a
and click on 'Save Changes' button.
3. Now, Go to https://mail.yandex.com/neo2/#compose
In 'To' field, write your own Yahoo Email Address. Fill other required fields (if any) and send the message.
4. Check your Yahoo Inbox. Click on [onmouseover=alert(0) a] name and move your mouse over 'New Message'.
You will see pop-up due to XSS vulnerability.
Proof Of Concept [Image]:
There are many out there but we will use Yandex as an example here. (You can also use- http://emkei.cz/)
1. Login to your Yandex Account (or Create New) and go to https://mail.yandex.com/neo2/#setup/sender
2. Set your name as:
" onmouseover=alert(0) a
and click on 'Save Changes' button.
3. Now, Go to https://mail.yandex.com/neo2/#compose
In 'To' field, write your own Yahoo Email Address. Fill other required fields (if any) and send the message.
4. Check your Yahoo Inbox. Click on [onmouseover=alert(0) a] name and move your mouse over 'New Message'.
You will see pop-up due to XSS vulnerability.
Proof Of Concept [Image]:
Proof Of Concept [Video]:
Posts
