CVE-2008-5551

Published: Dec 12, 2008Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting data at two different positions within an HTML document, related to STYLE elements and the CSS expression property, aka a "double injection."

Affected (1)

Products: Microsoft: Internet Explorer

1 product

Internet Explorer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 8 beta2

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (8)

http://securityreason.com/securityalert/4724

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/499124/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/32780

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/47277

Source: cve@mitre.org

http://securityreason.com/securityalert/4724

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/499124/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/32780

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/47277

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.