HTML Element Cross-Domain Vulnerability| ID: oval:org.mitre.oval:def:8553 | Date: (C)2010-03-30 (M)2023-12-14 |
| Class: VULNERABILITY | Family: windows |
Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."
| Platform: |
| Microsoft Windows 2000 |
| Microsoft Windows XP |
| Microsoft Windows Server 2003 |
| Microsoft Windows Vista |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows 7 |
| Product: |
| Microsoft Internet Explorer 6 |
| Microsoft Internet Explorer 7 |
| Microsoft Internet Explorer 8 |
