Spoofing Vulnerability in Microsoft Edge by Microsoft
CVE-2025-21262

5.4MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 24 January 2025

Summary

A spoofing vulnerability exists in Microsoft Edge (Chromium-based), allowing attackers to impersonate legitimate websites. This can lead to unauthorized actions or data exposure, potentially compromising user confidentiality and trust. Users are advised to apply the latest patches and updates to mitigate the risk associated with this vulnerability.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0 < 132.0.2957.127

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 24, 2025
Vulnerability Reserved
Dec 10, 2024