cbcvebase.
CVE-2019-0678
published 2019-04-09

CVE-2019-0678: An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access…

medium6.8CVSS 3.0
AVNACHPRNUIRSUCHIHAN
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

Affected

30 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
microsoftmicrosoft_edge
msrcmicrosoft_edge_on_windows_10_version_1607_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_version_1607_for_x64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1703_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_version_1703_for_x64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1709_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_version_1709_for_arm64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1709_for_x64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1803_for_32-bit_systems
msrcmicrosoft_edge_on_windows_10_version_1803_for_arm64-based_systems
msrcmicrosoft_edge_on_windows_10_version_1803_for_x64-based_systems