4.3
CVSSv2

CVE-2020-1195

Published: 21/05/2020 Updated: 27/05/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Microsoft Edge could allow a remote authenticated malicious user to gain elevated privileges on the system, caused by improper validation of input by Feedback extension. By persuading a victim to open a specially crafted content, an attacker could exploit this vulnerability to write files to arbitrary locations and gain elevated privileges.

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrosoftEdge-

Recent Articles

The Register

Roundup It's once again time to catch up on the latest happenings from the world of infosec.
We have a bunch of new security patches from Switchzilla, including one for a critical hole in its call-center software.
CVE-2020-3280 is a remote-code-execution vulnerability in the Java remote management interface for Unified Contact Center Express.
An unauthenticated, remote attacker able to exploit the flaw by supplying a malformed Java object (this is possible through various user ...