CVE-2015-6144

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 8 through 11 Microsoft Edge (affected versions not specified)

Description The issue is caused by the mishandling of HTML attributes in HTTP responses, allowing remote attackers to bypass a cross-site scripting protection mechanism. This can be exploited by attackers to bypass the XSS filter via unspecified vectors.

Recommendations For Microsoft Internet Explorer versions 8 through 11, update to a version that includes the fix for this issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.