Microsoft Edge Security Feature Bypass Vulnerability - CVE-2017-8523ID: oval:org.secpod.oval:def:40951 | Date: (C)2017-06-15 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
A security feature bypass vulnerability exists when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows. An attacker could use this vulnerability to trick a user into loading a page with malicious content.To exploit this vulnerability, an attacker would need to trick a user into loading a page or visiting a website. The page could also be injected into a compromised website or ad network.The update addresses the vulnerability by correcting the Same Origin Policy check for scripts attempting to manipulate HTML elements in other browser windows.
Platform: |
Microsoft Windows 10 |
Microsoft Windows Server 2016 |