The security hole was discovered by independent security researcher Sergiu Dragos Bogdan, who demonstrated how an attack could be carried out at the Defcamp security conference in Romania on Sunday.
In his presentation he showed how Yahoo’s web-based YQL (Yahoo Query Language) console can be used for the attack: by embedding specially crafted YQL queries in an external web page, an attacker can take control of a user’s Yahoo account.
YQL is Yahoo’s own SQL-like query language. It is used to retrieve and manipulate data exposed through Yahoo’s web services.
Sergiu Dragos Bogdan says he will share his findings with Yahoo and that attacks of this type are quite easy to prevent. Yahoo has not yet commented on the security hole.
IDG News