According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? This vulnerability requires a user to open a Web Archive file with spoofed origin of the web content in the affected version of Microsoft Edge (Chromium-based). According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H) but have no effect on integrity (I:N) or on availability (A:N). What does that mean for this vulnerability? An attacker who successfully exploited the vulnerability could view sensitive information (Confidentiality). While the attacker can not make changes to disclosed information (Integrity) and limit access to the resource (Availability). What kind of security feature could be bypassed by successfully exploiting this vulnerability? Attacker who succesfully exploit this vulnerability could cause the Edge browser to share addditional stored cookie when using the share feature. What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 115.0.1901.200 8/07/2023 115.0.5790.170/.171
Anonymous