Description of a Yahoo! Mail XSS vulnerability that has been patched silently by Yahoo.
49be6d3832e58169091bb8bd1a3af60369ca7fd7e23a79e16dee47991ca06fc3
Story of a dumb patch - This paper describes a mistake made by Microsoft in patch MS05-018 where Microsoft failed to properly fix a vulnerability having to release a new patch MS05-049. Hopefully this paper will open the eyes of software vendors to not repeat these kind of mistakes.
a79eb3b5aa2f5d80efad97626f1bd81b439fa096671c52ff737b3558b91a75e0