Описание
Microsoft Edge (Chromium-based) Spoofing Vulnerability
FAQ
According to the CVSS metric, user interaction is required (UI:R). What does that mean for this vulnerability?
Successful exploitation requires the victim to perform multiple steps to trigger the vulnerability.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user would have to click on a specially crafted URL to be compromised by the attacker.
According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?
The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.
What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | CVE-2024-8904, | 129.0.6668.58/.59 | 9/19/2024 |
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Уязвимость браузера Microsoft Edge, существующая из-за непринятия мер по защите структуры веб-страницы, позволяющая нарушителю выполнить спуфинг-атаку
EPSS
4.3 Medium
CVSS3