CVE-2016-7239

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 9 through 11 Microsoft Edge (affected versions not specified)

Description The issue allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors. An information disclosure vulnerability exists when the Microsoft browser XSS filter is abused to leak sensitive page information. An attacker who successfully exploited the issue could obtain sensitive information from certain web pages. To exploit the issue, an attacker would have to log on to an affected system.

Recommendations For Microsoft Internet Explorer versions 9 through 11, update to a version that includes the fix for this issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this issue.