The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote malicious users to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.01 |
||
microsoft internet explorer 6.0 |
||
microsoft internet explorer 5.5 |