The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting data at two different positions within an HTML document, related to STYLE elements and the CSS expression property, aka a "double injection."
References
Configurations
History
21 Nov 2024, 00:54
Type | Values Removed | Values Added |
---|---|---|
References | () http://securityreason.com/securityalert/4724 - | |
References | () http://www.securityfocus.com/archive/1/499124/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/32780 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/47277 - |
Information
Published : 2008-12-12 18:30
Updated : 2024-11-21 00:54
NVD link : CVE-2008-5551
Mitre link : CVE-2008-5551
CVE.ORG link : CVE-2008-5551
JSON object : View
Products Affected
microsoft
- internet_explorer
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')