CVE-2015-6176
Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass Vulnerability."
Date published : 2015-12-09
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-125