Endpoint Vulnerability

Microsoft Edge Information Disclosure Vulnerability

Description

An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Websites that that do not securely populate the URL with confidential information could allow information to be disclosed to an attacker.

Affected Products

Microsoft Edge

References

CVE-2017-8504,