• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer CSS Import Cross-Domain Restriction Bypass Vulnerability

A proof of concept is available from the following location:

http://www.hacker.co.il/security/ie/gdsexploit.html