virus logo FortiClient Vulnerability

Microsoft Edge CVE-2018-8512 Input Validation Bypass Vulnerability

description-logoDescription

A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker who exploited the bypass could trick a user into loading a page containing malicious content. To exploit the bypass, an attacker must trick a user into either loading a page containing malicious content or visiting a malicious website. The attacker could also inject the malicious page into either a compromised website or an advertisement network. The security update addresses the bypass by correcting how the Edge CSP validates documents.

affected-products-logoAffected Applications

Microsoft Edge

CVE References

CVE-2018-8512

Other References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8512
ID 51871
Created Oct 09, 2018
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Microsoft Edge