Published: 21/05/2020 Updated: 27/05/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Microsoft Edge could allow a remote authenticated malicious user to gain elevated privileges on the system, caused by improper validation of input by Feedback extension. By persuading a victim to open a specially crafted content, an attacker could exploit this vulnerability to write files to arbitrary locations and gain elevated privileges.

Vulnerability Trend

Affected Products

Vendor Product Versions

Recent Articles

The Register

Roundup It's once again time to catch up on the latest happenings from the world of infosec.
We have a bunch of new security patches from Switchzilla, including one for a critical hole in its call-center software.
CVE-2020-3280 is a remote-code-execution vulnerability in the Java remote management interface for Unified Contact Center Express.
An unauthenticated, remote attacker able to exploit the flaw by supplying a malformed Java object (this is possible through various user ...