Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not recognize attack patterns designed to operate against web pages that are encoded with utf-7, which allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting crafted utf-7 content. NOTE: the vendor reportedly disputes this issue, stating "Behaviour is by design.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Explorer 8.0绕过XSS保护机制漏洞
Vulnerability Description
Internet Explorer是微软Windows操作系统中默认捆绑的WEB浏览器。 ** 有争议的 ** Microsoft Internet Explorer 8.0 Beta 2版本的XSS过滤器没有检验出设计来对utf-7中内嵌的网页执行反操作的攻击模式,这会允许远程攻击者通过注入特制的utf-7内容,以绕过XSS保护机制和执行XSS攻击。
CVSS Information
N/A
Vulnerability Type
N/A