CVE-2008-5551

Microsoft Internet Explorer 8.0 Beta 2 - XSS

Title source: llm

Description

The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting data at two different positions within an HTML document, related to STYLE elements and the CSS expression property, aka a "double injection."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Rafel Ivgi · textremotewindows

https://www.exploit-db.com/exploits/32654

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securityfocus.com/bid/32780

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/47277

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/499124/100/0/threaded

[Third Party Advisory] http://securityreason.com/securityalert/4724

Scores

EPSS 0.3227

EPSS Percentile 96.8%

Classification

CWE

CWE-79

Status published

Affected Products (2)

microsoft/internet_explorer

n/a/n/a

Timeline

Published Dec 12, 2008

Tracked Since Feb 18, 2026