EIP-2026-118815

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118815. PoCs published by Paul.

AI-analyzed exploit summary This exploit demonstrates a URI obfuscation weakness in Microsoft Internet Explorer by using JavaScript and mouse events to spoof the address displayed in the status bar and properties window. The attack leverages the onmouseover, onmouseout, and onmousedown events to manipulate the href attribute and window.status, misleading users into believing they are navigating to a trusted site.

Description

Microsoft Internet Explorer 5.0.1 - Mouse Event URI Status Bar Obfuscation

Exploits (1)

exploitdb WORKING POC VERIFIED

by Paul · textremotewindows

https://www.exploit-db.com/exploits/25095

View Code ZIP pw:eip

This exploit demonstrates a URI obfuscation weakness in Microsoft Internet Explorer by using JavaScript and mouse events to spoof the address displayed in the status bar and properties window. The attack leverages the onmouseover, onmouseout, and onmousedown events to manipulate the href attribute and window.status, misleading users into believing they are navigating to a trusted site.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Internet Explorer

No auth needed

Prerequisites: User interaction (right-clicking on a link)

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Microsoft Internet Explorer 5.0.1 - Mouse Event URI Status Bar Obfuscation

Exploitation Summary

Description

Exploits (1)

Details