XSPA / SSRF Vulnerability with the Yahoo! Developer Network

This is another video demonstrating a XSPA / SSRF vulnerability that I discovered on the Yahoo! Developer Network last year. This was a typical XSPA / SSRF bug that allowed an attacker to port scan Internet facing servers using Yahoo!’s machines. A limited amount of service fingerprinting was also possible.

Yahoo! has now fixed this issue and was nice enough to put that in an email. Oh, by the way there was no swag, unicorns,mugs or tshirts.

More on SSRF / XSPA: http://cwe.mitre.org/data/definitions/918.html http://www.riyazwalikar.com/2012/11/cross-site-port-attacks-xspa-part-1.html

Comments and feedback are welcome!

2 thoughts on “XSPA / SSRF Vulnerability with the Yahoo! Developer Network

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s