Serious security flaw in Yahoo discovered, researchers received only $12.5

Security researchers from “High Tech Bridge” revealed recently they have found serious security flaw in Yahoo’s 2 official domains.



September 23, the researchers reported to Yahoo security team of XSS vulnerabilities affecting the ecom.yahoo.com and adserver.yahoo.com domains.

The Yahoo security flaw accordingly can allow hackers to compromise any “@yahoo.com” email account and what required is only clicking a specially-crafted link received in an email.

Eventually, the security flaw was fixed by Yahoo security team. The best part there, security researchers from “High Tech Bridge” received a reward as part of Yahoo’s bug bounty program.

A meager $12.5! Another worth noting, the reward can only be used in “Yahoo Company Store.”
-->