CVE-2018-8235

MEDIUM

Microsoft Edge - Auth Bypass

Title source: llm

Description

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/104343

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1041097

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8235

Scores

CVSS v3 4.3

EPSS 0.0349

EPSS Percentile 87.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Classification

CWE

CWE-346

Status published

Affected Products (1)

microsoft/edge

Timeline

Published Jun 14, 2018

Tracked Since Feb 18, 2026