Vulnerability Description: The yahoo statistics function is widely used for site access statistics, used to make a variety of data analysis such as access to the source, The Client Access page statistics, etc., specific information can access the web site http://tongjia. yahoo. cn. But 80sec found that the feature there is a serious vulnerability that could lead to user information being stolen, and may be in possession of the user's yahoo ID, enter including mail. yahoo. cn within other services.
Vulnerability causes: the yahoo statistics function to get the user to submit the parameters when the lack of the necessary filtering, resulting in a malicious user can submit a carefully constructed data into the Control Panel background, such as access to address information is not filtered into the background, so that you can lead to a cross-site scripting attack vulnerability. In addition, as yahoo the user authentication information the lack of necessary protection, you can lead a malicious user to obtain sensitive information, and then use yahoo's authentication mechanism of the defects, you can use the identity of the user into other services such as mail. yahoo. cn
Vulnerability test: with the yahoo statistics page, via the below address visit:
http://www.foosite.com/index.php?"& gt;<script>alert(.)& lt;/script>
Bug fixes: the vendor has been fixed
Vulnerability status: 80sec to 6. 1 3 to discover the vulnerability 80sec to 6. 1 3 submitted to the vendors 6.16 the vendor to fix the vulnerability 6.18 issue of the Bulletin