Описание
Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
EPSS
3.1 Low
CVSS3
Дефекты
Связанные уязвимости
Microsoft Edge (Chromium-based) Defense in Depth Vulnerability
Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata.
Уязвимость браузера Microsoft Edge (на базе Chromium), связанная с недостатками разграничения доступа к личной информации, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
3.1 Low
CVSS3