Microsoft Internet Explorer Cross-Site Scripting Attack Vulnerability
RISK: High Risk
TYPE: Clients - Browsers
A vulnerability was identified in Microsoft Internet Explorer. A remote user can conduct cross-site scripting attacks.
A remote user can create specially crafted HTML that, when loaded by a target user, will bypass the Microsoft Internet Explorer same origin domain policy and execute arbitrary scripting code. The code will originate from an arbitrary site and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
NOTE: No solution is currently available.
Impact
- Cross-Site Scripting
System / Technologies affected
- Version 11
Solutions
- No solution is currently available.
Vulnerability Identifier
- 暫時未有 CVE 參考提供。
Source
Related Link
Share with