Thornmaker

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer 8 **Description** The issue allows remote attackers to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities. This is related to the details of output encoding and improper modification of an HTML attribute. The vulnerability could allow initially disabled scripts to run in the wrong security context, leading to information disclosure. **Recommendations** For Microsoft Internet Explorer 8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.