CVE-2002-1688

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.5 through 6.0

Description The issue allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button. This occurs due to a problem in the browser history feature.

Recommendations For Microsoft Internet Explorer versions 5.5 through 6.0, consider disabling JavaScript execution when the Back button is hit as a temporary workaround until a patch is available. Restrict access to sensitive authentication information to minimize the risk of exploitation.