Описание
A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could trick a user into loading a web page with malicious content, aka "Microsoft Edge Security Feature Bypass Vulnerability."
Ссылки
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04069
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.3
github
около 3 лет назад
A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could trick a user into loading a web page with malicious content, aka "Microsoft Edge Security Feature Bypass Vulnerability."
fstec
около 8 лет назад
Уязвимость браузера Microsoft Edge, позволяющая злоумышленнику нарушить конфиденциальность информации
EPSS
Процентиль: 88%
0.04069
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
NVD-CWE-noinfo