Yahoo Mail flaw gets fixed, and a researcher nets $10K
If the bug hadn't been squashed, users of Yahoo's email service might have been victimized merely by reading a compromised message.
A critical flaw in Yahoo Mail, which might have allowed attackers to hijack accounts, has been fixed.
The bug was fixed in early January, not long after Yahoo was informed about the security issue through its HackerOne bug bounty program. It was disclosed privately to the Sunnyvale, California-based company by security researcher Jouko Pynnönen, who was awarded $10,000 for his efforts.
Pynnönen said the vulnerability was patched before it affected any real-world users.
According to the researcher, the problem lay in how Yahoo filters HTML-formatted email messages. While the company performs this task to prevent malicious code from landing in user inboxes, Pynnönen says "certain malformed HTML code could pass the filter."
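The filtering approach described above is where such bugs usually live: a filter that pattern-matches the raw message text can disagree with the browser about what malformed markup means, so the two see different documents. The defensive alternative is to parse the body, keep only an allowlist of elements and attributes, and re-serialize it, so the output is well-formed by construction. The following Python example is added here to illustrate that contrast; it is not Yahoo's filter or the researcher's code. The allowlist, the `naive_denylist` stand-in for a pattern-based filter, and the sample message bodies are all constructed for the example.

```python
import re
from html import escape
from html.parser import HTMLParser

# Constructed allowlist for the example; a real mail client's list is larger.
ALLOWED_TAGS = {"p", "br", "b", "i", "a", "div", "span"}
VOID_TAGS = {"br"}
ALLOWED_ATTRS = {"a": {"href"}}          # no on*, style or other attributes survive
SAFE_URL = re.compile(r"^(https?:|mailto:)", re.IGNORECASE)


class AllowlistSanitizer(HTMLParser):
    """Parse the message body and re-serialize only allowlisted markup."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.open = []   # stack of emitted tags, so the output is always balanced

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return       # unknown element is dropped; its text is still emitted as text
        kept = ""
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue  # drops every event-handler attribute, quoted or not
            value = (value or "").strip()
            if name == "href" and not SAFE_URL.match(value):
                continue  # only http(s)/mailto links survive
            kept += f' {name}="{escape(value, quote=True)}"'
        self.out.append(f"<{tag}{kept}>")
        if tag not in VOID_TAGS:
            self.open.append(tag)

    def handle_endtag(self, tag):
        if tag in self.open:
            # close everything opened after it as well, so nesting stays balanced
            while True:
                t = self.open.pop()
                self.out.append(f"</{t}>")
                if t == tag:
                    break

    def handle_data(self, data):
        # text nodes, including the body of a dropped <script>, are escaped
        self.out.append(escape(data, quote=False))

    def handle_comment(self, data):
        pass  # comments (and conditional comments) are dropped

    def result(self) -> str:
        self.close()
        while self.open:                # close anything the sender left open
            self.out.append(f"</{self.open.pop()}>")
        return "".join(self.out)


def sanitize(html: str) -> str:
    """Allowlist sanitizer: parse, filter, re-serialize."""
    s = AllowlistSanitizer()
    s.feed(html)
    return s.result()


def naive_denylist(html: str) -> str:
    """Constructed stand-in for a pattern-based filter that strips known-bad
    markup from the raw text; it only matches the well-formed shapes it knows."""
    html = re.sub(r"<script.*?</script>", "", html, flags=re.I | re.S)
    html = re.sub(r'\son\w+="[^"]*"', "", html, flags=re.I)
    return html


if __name__ == "__main__":
    # Constructed sample bodies: ordinary markup, malformed/unclosed markup,
    # and an unquoted event handler the denylist pattern does not recognize.
    for body in ['<p>Hi <b>there</b></p>',
                 '<b>bold <i>text',
                 '<img src=x onerror=alert(1)>',
                 '<a href="javascript:alert(1)">link</a>']:
        print(repr(body), "->", repr(sanitize(body)), "| denylist:", repr(naive_denylist(body)))
```

The allowlist sanitizer never has to recognize a bad construct: anything it does not explicitly know is rewritten into escaped text, and unclosed elements are closed before the output leaves the filter, so the browser renders exactly the tree the filter approved.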
The researcher's proof-of-concept video demonstrates how the vulnerability could be exploited to forward the contents of a compromised inbox to an external server, and how a virus could be loaded that attaches itself to every outgoing email the victim sends.
The vulnerability affected all versions of Yahoo Mail but not the tech giant's accompanying mobile application.
This story originally appeared at ZDNet under the headline "Critical Yahoo email flaw patched through bug bounty program."