CVE-2023-33145

Опубликовано: 13 июн. 2023

Источник: msrc

CVSS3: 6.5

EPSS Низкий

Описание

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

FAQ

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, cryptographic nonces, and other sensitive information.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

EPSS

Процентиль: 91%

0.07104

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2023-33145

CVSS3: 6.5

nvd

больше 2 лет назад

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

GHSA-3m5x-qv26-v6mr

CVSS3: 6.5

github

больше 2 лет назад

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

BDU:2023-03438

CVSS3: 6.5

fstec

больше 2 лет назад

Уязвимость браузера Microsoft Edge, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 91%

0.07104

Низкий

6.5 Medium

CVSS3