HTML Element Cross-Domain VulnerabilityID: oval:org.mitre.oval:def:8553 | Date: (C)2010-03-30 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 7 |
Product: |
Microsoft Internet Explorer 6 |
Microsoft Internet Explorer 7 |
Microsoft Internet Explorer 8 |