Endpoint Vulnerability

Microsoft Edge Security Feature Bypass Vulnerability

Description

A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests. The vulnerability allows Microsoft Edge to bypass Cross-Origin Resource Sharing (CORS) redirect restrictions, and to follow redirect requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice.

Affected Products

Microsoft Edge

References

CVE-2017-11872,