CVE-2008-5553

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 8.0 Beta 2

Description The issue allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting a certain X-XSS-Protection HTTP header after a CRLF sequence. This occurs because the XSS Filter in the affected software disables itself upon encountering this specific header.

Recommendations For Microsoft Internet Explorer version 8.0 Beta 2, as a temporary workaround, consider restricting the use of the X-XSS-Protection HTTP header to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.