Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote malicious users to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet_explorer 7 |
||
microsoft windows_2003_server |
||
microsoft windows_server_2003 |
||
microsoft windows_xp |
||
microsoft windows_xp - |
||
microsoft windows_server_2008 |
||
microsoft windows_server_2008 - |
||
microsoft windows_vista |
||
microsoft windows_vista - |
||
microsoft internet_explorer 6 |
||
microsoft internet_explorer 8 |
||
microsoft internet_explorer 8.0.6001 |
||
microsoft windows_7 - |
||
microsoft windows_2000 |