CVE-2009-4074

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer 8

Description The issue allows remote attackers to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities. This is related to the details of output encoding and improper modification of an HTML attribute. The vulnerability could allow initially disabled scripts to run in the wrong security context, leading to information disclosure.

Recommendations For Microsoft Internet Explorer 8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.