MS.IE.Address.Bar.History.Spoofing
Description
Microsoft Internet Explorer has a Cross-site scripting (XSS) vulnerability. A remote attacker could spoof a trusted Web page by altering the URL that is displayed in the Internet Explorer address bar. This can be accomplished via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain.
Affected Products
Microsoft Internet Explorer 6.0
Impact
Cross-site scripting.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
http://www.microsoft.com
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |