Описание
Microsoft Edge (Chromium-based) Spoofing Vulnerability
FAQ
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user would have to click on a specially crafted URL to be compromised by the attacker.
According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?
An attacker who successfully exploited this vulnerability could cover and spoof elements of the UI. The modified information is only visual.
| Microsoft Edge Channel | Microsoft Edge Version | Date Released | Based on Chromium Version |
|---|---|---|---|
| Stable | 126.0.2592.56 | 6/13/2024 | 126.0.6478.57 |
| Extended Stable | 126.0.2592.56 | 6/13/2024 | 126.0.6478.57 |
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Уязвимость браузера Microsoft Edge, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг атаки
EPSS
4.3 Medium
CVSS3