Vulnerability Details CVE-2018-0803
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka "Microsoft Edge Elevation of Privilege Vulnerability".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.4%
CVSS Severity
CVSS v3 Score 4.2
CVSS v2 Score 5.8
References
- http://www.securityfocus.com/bid/102384
- http://www.securitytracker.com/id/1040100
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0803
- http://www.securityfocus.com/bid/102384
- http://www.securitytracker.com/id/1040100
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0803
Products affected by CVE-2018-0803
-
cpe:2.3:a:microsoft:edge:-
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1511
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_server_2016:-