Описание
The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.
Ссылки
- Broken Link
- Vendor Advisory
- Not Applicable
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken Link
- Vendor Advisory
- Not Applicable
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.1954
Средний
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.
EPSS
Процентиль: 95%
0.1954
Средний
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other