[Full-disclosure] [Argeniss] Alert - Yahoo! Webmail XSS
Thierry Zoller
Thierry at Zoller.lu
Tue Apr 18 15:41:05 BST 2006
Dear Cesar Cesar,
C> for a couple of seconds a weird URL, address bar
C> didn't change (MS please change this behaviour!), but
You know what a Frame is do you ? All browsers display the source of
the html page in the URL bar, not the source of the frame(s).
--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
Full-Disclosure is hosted and sponsored by Secunia.