CVE-2018-8235Origin Validation Error in Microsoft Edge

CWE-346Origin Validation Error5 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
2.6%
top 14.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Edge
Timeline
PublishedJun 14
Latest updateMay 13

Description

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

CVEListV5microsoft/microsoft_edge11 versions+10

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-x8p6-w274-2j7p: A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feat2022-05-13
CVEList
CVE-2018-8235: A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feat2018-06-14

📋Vendor Advisories

1
Microsoft
Microsoft Edge Security Feature Bypass Vulnerability2018-06-12

🕵️Threat Intelligence

1
Talos
Microsoft Patch Tuesday - June 20182018-06-12
CVE-2018-8235 — Origin Validation Error in Microsoft | cvebase