Описание
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
FAQ
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
This vulnerability requires that a user have multiple browser instances open of the affected version of Microsoft Edge (Chromium-based), one of which is a specially crafted website hosted by the attacker. The user would need to access the URL of the malicious website and then click a popup displayed on that site.
According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and (A:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability could lead to a full compromise of the browser.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
8.8 High
CVSS3
Связанные уязвимости
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Уязвимость браузера Microsoft Edge, связанная с ошибками в настройках безопасности, позволяющая нарушителю повысить свои привилегии
EPSS
8.8 High
CVSS3