vulnerability

Microsoft Windows: CVE-2016-7282: Microsft Browser Information Disclosure Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Dec 20, 2016	Jun 10, 2024	Oct 14, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Dec 20, 2016

Added

Jun 10, 2024

Modified

Oct 14, 2025

Description

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."

Solutions

microsoft-windows-windows_10-1507-kb3205383microsoft-windows-windows_10-1511-kb3205386microsoft-windows-windows_10-1607-kb3206632microsoft-windows-windows_server_2016-1607-kb3206632

References

BID-94724
CVE-2016-7282
https://attackerkb.com/topics/CVE-2016-7282
CWE-79
DISA_SEVERITY-Category II
IAVM-2016-A-0343
MS-MS16-144
MS-MS16-145
URL-https://support.microsoft.com/help/3205383
URL-https://support.microsoft.com/help/3205386
URL-https://support.microsoft.com/help/3206632

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today