Spoofing Vulnerability in Microsoft Edge by Microsoft
CVE-2024-49054

4.3MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 22 November 2024

What is CVE-2024-49054?

A spoofing vulnerability in Microsoft Edge (Chromium-based) could allow attackers to deceive users into visiting malicious URLs that appear legitimate. Exploitation of this vulnerability may lead to unauthorized actions and data exposure, compromising user safety and privacy.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0 < 131.0.2903.63

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 22, 2024