Microsoft Edge Security Feature Bypass Vulnerability - CVE-2017-8530ID: oval:org.secpod.oval:def:40952 | Date: (C)2017-06-15 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
A security feature bypass vulnerability exists when Microsoft Edge does not properly enforce same-origin policies, which could allow an attacker to access information from origins outside the current one. In a web-based attack scenario, an attacker could trick a user into loading a page with malicious content.To exploit this vulnerability, an attacker would need to trick a user into loading a page or visiting a website. The page could also be injected into a compromised site or ad network.The update addresses the vulnerability by helping to ensure that cross-domain policies are properly enforced in Microsoft Edge.
Platform: |
Microsoft Windows 10 |
Microsoft Windows Server 2016 |