CVE-2008-5551

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 8.0 Beta 2

Description The issue allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting data at two different positions within an HTML document, related to STYLE elements and the CSS expression property. This is related to a "double injection" technique.

Recommendations For Microsoft Internet Explorer version 8.0 Beta 2, consider disabling the CSS expression property as a temporary workaround until a patch is available. Restrict access to STYLE elements to minimize the risk of exploitation. Avoid using the CSS expression property in STYLE elements until the issue is resolved.