CVE-2018-8567

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.4 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
microsoftCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
microsoftedge
-
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/105784
http://www.securitytracker.com/id/1042107
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8567
http://www.securityfocus.com/bid/105784
http://www.securitytracker.com/id/1042107
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8567