Cross-Site Scripting in Microsoft Edge by Microsoft
CVE-2026-58298
7.2HIGH
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 3 July 2026
What is CVE-2026-58298?
A cross-site scripting vulnerability exists in Microsoft Edge (Chromium-based) due to improper handling of input during web page generation. An attacker can exploit this flaw to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized actions or data theft through spoofing attacks over the network. Users are encouraged to apply security updates to mitigate this risk.
Affected Version(s)
Microsoft Edge (Chromium-based) 1.0.0.0 < 150.0.4078.48