2 matches found
Cross site scripting
Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a 1 location or 2 location.href property, related to incorrect determination of t...
CVE-2008-2948
CVE-2008-2948 is documented as a cross-domain vulnerability in Internet Explorer, described as a duplicate/related attack to CVE-2008-2947. The connected sources indicate it affects IE, involves window location cross-domain handling via the Object data type, and is tied to the same family of vuln...