A quick video post showing the XSPA/SSRF bug found with Yahoo! Developer Network. This bug allowed for network port scanning and banner grabbing.

This is another video demonstrating a XSPA / SSRF vulnerability that I discovered on the Yahoo! Developer Network last year. This was a typical XSPA / SSRF bug that allowed an attacker to port scan Internet facing servers using Yahoo!’s machines. A limited amount of service fingerprinting was also possible.

To read more about XSPA/SSRF issues - Cross Site Port Attacks - XSPA - Part 1

Yahoo! has now fixed this issue and was nice enough to put that in an email. Oh, by the way there was no swag, unicorns,mugs or tshirts.