Stored XSS in Yahoo
Sharing is Caring :)
When we share, we open doors to a new beginning…../
Shahzada AL Shahriar Khan
April 27, 2018 (Updated: June 18, 2018)
Well, this is Shahzada Al Shahriar Khan. And I am from Bangladesh.
Now I am going to share how I found Stored Cross-Site Scripting (XSS) in Yahoo.
Steps to Reproduce:
Go to https://www.yahoo.com/news
Comment this payload: ">
Now what? Voila! We get the famous confirm(1) to pop up! :D
I tried another payload so that I could write something in the popup box, and found this payload:
That moment I felt like a boss!
Here is the video PoC:
Timeline:
31/03/2018 — Initial Report.
01/04/2018 — HackerOne staff asked for 'Needs more info.'
01/04/2018 — More Info Submitted.
04/04/2018 — Triaged and a $300 initial bounty rewarded.
06/04/2018 — Bug Resolved.
11/04/2018 — $1700 bounty rewarded. (Total $2000)
Thanks for reading…./
./TheShahada
https://hackerone.com/theshahzada_thes
https://twitter.com/TheShahzada
https://www.facebook.com/TheShahzada.TheS
http://blog.theshahzada.com/
Originally published at steemit.com on April 27, 2018.