Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Cross site scripting

🗓️ 07 Feb 2015 19:59:00Reported by PRIOn knowledge baseType 
prion
 prion🔗 www.prio-n.com👁 15 Views

Cross-site scripting vulnerability in Microsoft Internet Explorer 9 through 11 allows bypassing of Same Origin Policy via IFRAME elements and eval of WindowProxy object, aka "Universal XSS (UXSS)

Related
Refs
ReporterTitlePublishedViews
Family
0day.today		Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection Exploit
15 Feb 201500:00
zdt
Circl		CVE-2015-0072
29 May 201815:50
circl
CNVD		Microsoft Internet Explorer Same Origin Policy Security Bypass Vulnerability
6 Feb 201500:00
cnvd
Check Point Advisories		Internet Explorer Same Origin Policy Bypass (CVE-2015-0072)
3 Feb 201500:00
checkpoint_advisories
CVE		CVE-2015-0072
7 Feb 201518:00
cve
Cvelist		CVE-2015-0072
7 Feb 201518:00
cvelist
Kaspersky		KLA10472 Multiple vulnerabilities in Internet Explorer
10 Mar 201500:00
kaspersky
Metasploit		MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection
5 Feb 201518:26
metasploit
NVD		CVE-2015-0072
7 Feb 201519:59
nvd
OpenVAS		Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (3032359)
11 Mar 201500:00
openvas
Rows per page
SourceLink
pcworldwww.pcworld.com/article/2879372/dangerous-ie-vulnerability-opens-door-to-powerful-phishing-attacks.html
nakedsecuritywww.nakedsecurity.sophos.com/2015/02/04/internet-explorer-has-a-cross-site-scripting-zero-day-bug/
communitywww.community.websense.com/blogs/securitylabs/archive/2015/02/05/another-day-another-zero-day-internet-explorer-s-turn-cve-2015-0072.aspx
seclistswww.seclists.org/fulldisclosure/2015/Feb/0
innerhtwww.innerht.ml/blog/ie-uxss.html
securityfocuswww.securityfocus.com/bid/72489
packetstormsecuritywww.packetstormsecurity.com/files/130308/Microsoft-Internet-Explorer-Universal-XSS-Proof-Of-Concept.html
secuniawww.secunia.com/advisories/62658
securitytrackerwww.securitytracker.com/id/1031888
exchangewww.exchange.xforce.ibmcloud.com/vulnerabilities/100606
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
12 Oct 2018 22:08Current
5.4Medium risk
Vulners AI Score5.4
EPSS0.88552
cross-site scriptinginternet explorersame origin policyiframe elementswindowproxy objectuniversal xssuxss
15