Описание
Microsoft Edge (Chromium-based) Spoofing Vulnerability
FAQ
According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?
An attacker who successfully exploited this vulnerability could cover and spoof elements of the UI. The modified information is only visual.
| Microsoft Edge Channel | Microsoft Edge Version | Date Released | Based on Chromium Version |
|---|---|---|---|
| Stable | 122.0.2365.52 | 2/23/2024 | 122.0.6261.57/.58 |
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user would have to click on a specially crafted URL to be compromised by the attacker.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Уязвимость браузера Microsoft Edge для Android, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю выполнить спуфинг-атаку
EPSS
4.3 Medium
CVSS3