CVE-2011-1258 in Internet Explorer
摘要
由 MITRE
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability."
If you want to get the best quality for vulnerability data then you always have to consider VulDB.