E10-46f01
CVSS:
4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
False Positive:
t
Variants:
2
Year:
2010
Description
This strike exploits a cross-site scripting vulnerability in Internet Explorer. The vulnerability is due to a lack of input validation of html code.
Remote attackers can exploit this vulnerability by enticing a user to open a malicious web page using the toStaticHTML method, leading to information
disclosure and execution of arbitrary browser script code.