Yahoo Flaw Allowed Hackers to Read Anyone's Emails

Yahoo has patched a critical security vulnerability in its Mail service that could have allowed an attacker to spy on any Yahoo user's inbox. Jouko Pynnönen, a Finnish Security researcher from security firm Klikki Oy, reported a DOM based persistent XSS (Cross-Site Scripting) in Yahoo mail, which if exploited, allows an attacker to send emails embedded with malicious code. <!-- adsense --> In

from The Hacker News http://ift.tt/2h14WF8
via IFTTT