What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 113.0.1774.35 113.0.5672.63/.64 5/5/2023 Extended Stable 112.0.1722.71 112.0.5615.179 5/4/2023 According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of Integrity (I:L)? What does that mean for this vulnerability? Attacker is able to bypass Content Security Policy (CSP) and Pop-up blocker this this vulnerability, but cannot modify additional content of the browser itself. According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? This vulnerability could lead to a browser iFrame sandbox escape, but not a full browser sandbox escape.
<a href="https://twitter.com/shhnjk">Jun Kokatsu</a>