JSON Array Information Disclosure Vulnerability in Microsoft Internet Explorer 6-8

JSON Array Information Disclosure Vulnerability in Microsoft Internet Explorer 6-8

CVE-2013-1297 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."

Learn more about our Web App Pen Testing.