CVE-2015-6176

Name of the Vulnerable Software and Affected Versions Microsoft Edge (affected versions not specified)

Description The issue is related to how Microsoft Edge handles HTML attributes in HTTP responses, allowing remote attackers to bypass a cross-site scripting (XSS) protection mechanism. This could enable an attacker to run initially disabled scripts in the wrong security context, potentially leading to information disclosure. The estimated number of potentially affected devices and details about real-world incidents where this issue was exploited are not provided.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.