August 20, 2003
Hat-Squad Advisory: Cross Site Scripting Vulnerability in Yahoo WebSite

Vulnerability in Yahoo web site allows remote attackers to cause it to insert malicious HTML or JavaScript into existing
web pages of Yahoo Website.

Every time your are using yahoo messenger for send File to other yahoo messenger users, when you can not connect to his/her
Machine, then Yahoo Messenger Software Ask you for Do you want to upload your file TO yahoo servers? Now, if you chose yes Then Yahoo
Messenger Upload your file to yahoo Server and after that it gives you the link of download for that file. Now you can send this file to your Friends.

This link is look like:
YahooID: Your yahoo messenger ID
Filename: your File name
Random Code: is Random Characters (Alpha+numeric) only person who knows this random code can access to this file.

Now if you just add your script after the last " / " character you can insert your HTML or JavaScript Code to yahoo pages .
For Example:[script]alert('');[/script]

Also you can use this model:[script]alert('');[/script][script]"")[/script]
Replace [] With <>

Vulnerable URLs:


Found by:
Nima Majidi
Hat-Squad Security Research Team (


Join Hat-Squad Mailing List

E-mail Address:


Copyright 2003-2004, Hat-Squad security Group, All rights reserved.