Cross-Domain Information Leakage Vulnerability in Microsoft Internet Explorer 11

Cross-Domain Information Leakage Vulnerability in Microsoft Internet Explorer 11

CVE-2017-0154 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet Explorer Elevation of Privilege Vulnerability."

Learn more about our Cis Benchmark Audit For Server Software.