Marsden11 Posted October 7, 2003 Share Posted October 7, 2003 Changing the password doesn't make the link stop working 1. Launch Yahoo Messenger client (only tested the win32 version... should work on any version)2. Send an email to your yahoo account3. Click the read mail thing when it pops up in YIM. (make sure prefs->general->Automatically sign me in to Yahoo! Mail, blah blah when I click a link blah blah is set)4. Stop your browser from the redirect using method of choice5. Note URL, and accidentally distribute it.So, initially getting this URL requires access to a logged-in yahoo messenger, but still, the bad part is, *****THE LINK WORKS AFTER YOU CHANGE YOUR PASSWORD***** This was found when a version of Mozilla Firebird was breaking on the redirect page... the user copied the URL into his bugzilla report, and it was observed that anyone could access his email.new URL(the old one seems to have expired... so they allow you to log in for like a day with the same link). Quote Link to comment Share on other sites More sharing options...
Stonegiant Posted October 8, 2003 Share Posted October 8, 2003 Someone is going to be <ahem> testy about that floating around... Quote Link to comment Share on other sites More sharing options...
Marsden11 Posted October 8, 2003 Author Share Posted October 8, 2003 It's just a test account. Quote Link to comment Share on other sites More sharing options...
havnblast Posted October 8, 2003 Share Posted October 8, 2003 oh no someone might get my spam mail - well I just hope they delete it while they are in there. Quote Link to comment Share on other sites More sharing options...
Marsden11 Posted October 8, 2003 Author Share Posted October 8, 2003 It appears Yahoo turned off Auto Login today. Password now required first. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.