“That means millions of IE users are affected by this design flaw.”
Share this quote:
“Thousands of Web sites can be exploited, and there isnt a simple solution against this attack at least until IE is fixed.”
Share this quote:
“Normally, browsers impose strong restrictions for cross-domain interaction through the Web browser. A certain Web page can make a user browse to a different domain. However, it may not read the content of the retrieved page.... In IE these restrictions ... are broken when it comes to CSS [cascading style sheet] imports. I call this attack CSSXSS or Cascading Style Sheets Cross Site Scripting.”
Share this quote:
“Much like classic XSS [cross site scripting] holes, this design flaw in IE allows an attacker to retrieve private user data or execute operations on the users behalf on remote domains.”
Share this quote: