User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? A user could be tricked into entering credentials or responding to a pop up after opening a specially crafted file or clicking on a link, typically by way of an enticement in an email or URL. What is the version information for this release? Microsoft Edge Version Date Released Based on Chromium Version 135.0.3179.54 4/3/2025 135.0.7049.41/.42/.52 According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability? The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.
Barath Stalin K