Published: 15/08/2018 Updated: 24/08/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8388.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft edge -

Safari, Edge fans: Is that really the website you think you're visiting? URL spoof bug blabbed

The Register • Shaun Nichols in San Francisco • 11 Sep 2018

Egghead says Apple has yet to patch spoofing vulnerability

A security researcher has disclosed a bug that could be abused to spoof website addresses in either Edge or Safari. Rafay Baloch told The Register that while Microsoft has since patched the flaw (CVE-2018-8383) in its browser, Apple has been dragging its feet on a fix for Safari for weeks, and the browser remains vulnerable. The vulnerability is the result of what Baloch describes as a race condition that would potentially allow the attacker to start loading a legit page, causing the page's addr...

CVE-2018-8383

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect