A serious flaw in Yahoo!Mail could have been exploited by crooks to read victims’ messages.
Jouko Pynnönen says he reported the vulnerability in Yahoo! Mail via bug-bounty organizers HackerOne. “The impact of the bug is similar to the one I reported last year, which also brought a $10k bounty,” Pynnönen told El Reg. “It allowed an attacker to, for example, read a victim’s email.”
Complete article: A serious flaw in Yahoo!