CVE Database · CVE-2012-1882
CVSS v3.1
N/A
EPSS
13.84%
Published
Jun 12, 2012
Modified
Apr 28, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerability."
Weaknesses (CWE)
Affected Products (32)
References (4)
