Back to directory

WRITEUP #6134

Stealing $10,000 Yahoo Cookies!

OtherCORS misconfiguration

by@_tabahi(Tabahi)

Bounty

10,000

Program

Yahoo! / Verizon Media

Published

Dec 30, 2017

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://blog.witcoat.com/2018/05/30/stealing-10000-yahoo-cookies/

▸ RELATED WRITEUPS

My First Bug Bounty: CORS Misconfiguration

OtherCORS misconfiguration

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Built with ❤️ by Shubham Rawat