Microsoft Edge Security Feature Bypass Vulnerability - CVE-2017-8555ID: oval:org.secpod.oval:def:40955 | Date: (C)2017-06-15 (M)2024-01-19 |
Class: VULNERABILITY | Family: windows |
A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could use this vulnerability to trick a user into loading a web page with malicious content.To exploit the vulnerability, an attacker must either trick a user into loading a web page or visit a website. The web page could also be injected into a compromised website or ad network.The security update addresses the vulnerability by correcting how the CSP validates documents.
Platform: |
Microsoft Windows 10 |