Already ticketed, can get to the actual number right now.
There is a workaround. As soon as you go to the startpage (index) of the app IE will show a pop-up at the bottom of the screen which allows you to "show non-secure content", do NOT dismiss that but take to option to show it all anyway!
In your node configuration settings, under the tab 'Network' there is a section called 'Prevent embedding your app in an IFrame'. There, you can set whether (part of) your app is allowed to be shown in an iframe. This is necessary for the components you mentioned (iframes, rich text editors, file uploaders) to work.
Setting this to 'allow on same domain' will probably fix your issue, if not, try 'allow'. If it already is 'allow', are you using any custom (appstore) widgets? If not, file a support request and include a test project that demonstrates the issue.
Technical info: this setting modifies the X-Frame-Options header that is sent along with each HTTP response from the Mendix server. This option tells browsers whether they are allowed to load the page in an iframe