Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 9:51 a.m.6 views

CVE-2011-2382

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrat...

4.3CVSS6.7AI score0.33881EPSS
Exploits1References1
NVD
NVDadded 2011/06/03 5:55 p.m.14 views

CVE-2011-2382

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrat...

4.3CVSS6.3AI score0.33881EPSS
Exploits1References10
Prion
Prionadded 2011/06/03 5:55 p.m.50 views

Information disclosure

Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrat...

4.3CVSS6.5AI score0.34763EPSS
Exploits1References12Affected Software2
Prion
Prionadded 2011/06/03 5:55 p.m.12 views

Cross site scripting

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrat...

4.3CVSS6.9AI score0.33881EPSS
Exploits1References10Affected Software2
NVD
NVDadded 2011/06/03 5:55 p.m.18 views

CVE-2011-2383

Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrat...

4.3CVSS6.1AI score0.34763EPSS
Exploits1References12
CVE
CVEadded 2011/06/03 5:0 p.m.58 views

CVE-2011-2382

CVE-2011-2382 affects Microsoft Internet Explorer 8 and earlier, and IE9 beta, by failing to properly restrict cross-zone drag-and-drop actions. An attacker could entice a user to load a page containing an IFRAME with a file: URL to read cookies, effectively cookie hijacking. Vulnerable component...

4.3CVSS6.5AI score0.33881EPSS
Exploits1References10Affected Software2
CVE
CVEadded 2011/06/03 5:0 p.m.57 views

CVE-2011-2383

CVE-2011-2383 affects Microsoft Internet Explorer 9 and earlier. The issue is an incomplete fix that allows cross-zone drag-and-drop via an IFRAME with an http: SRC that redirects to a file: URL, enabling a user-assisted read of cookies (cookiejacking). The vulnerability is documented with the ex...

4.3CVSS6.1AI score0.34763EPSS
Exploits1References12Affected Software2
Cvelist
Cvelistadded 2011/06/03 5:0 p.m.21 views

CVE-2011-2382

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrat...

6.3AI score0.33881EPSS
Exploits1References10
Rows per page
Query Builder