VULHUB ™

A vulnerability has been reported in Explorer that may allow for script code to be executed in the Local Zone. When an IFRAME in a dialog changes its location or Zone, the dialogArguments object provided by the calling content should not be accessible. It has been reported that this is not the case. The dialogArguments object is accessible despite the fact that its originating location/Zone is different from the parent.

A vulnerability has been reported in Explorer that may allow for script code to be executed in the Local Zone. When an IFRAME in a dialog changes its location or Zone, the dialogArguments object provided by the calling content should not be accessible. It has been reported that this is not the case. The dialogArguments object is accessible despite the fact that its originating location/Zone is different from the parent.