IE URI encoding behavior facilitates XSS attacks, researchers say
An inconsistency in how Microsoft's Internet Explorer (IE) encodes double quotes in URIs (uniform resource identifiers) can facilitate cross-site scripting (XSS) attacks, researchers from security firm Imperva claim.