Описание
Microsoft Accessibility Insights for Web Information Disclosure Vulnerability
FAQ
What type of information could be disclosed by this vulnerability?
This vulnerability could disclose web content from cross-origin frames.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
A user would have to visit a web page with malicious javascript and run an extension scan on the web page.
According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
The vulnerability is in the Accessibility Insight for Web browser extension, but the impact is on the application running on the browser.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Accessibility Insights for Web |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
7.4 High
CVSS3
Связанные уязвимости
Microsoft Accessibility Insights for Web Information Disclosure Vulnerability
Microsoft Accessibility Insights for Web Information Disclosure Vulnerability
Уязвимость расширения для браузера Microsoft Accessibility Insights, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к устройству
EPSS
7.4 High
CVSS3