How severe is CVE-2017-8530?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2017-8530?

This is classified as CWE-346, which is a common weakness in software security.

CVE-2017-8530 - MEDIUM Severity | CVSS 5.4

Vulnerability Description

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge does not properly enforce same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8555.

Related Vulnerabilities

CVE-2017-8650

MEDIUM

CVSS:5.4(Medium)

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exploit a security feature bypass due to Microsoft Edge not properly enforcing same-origin policies, aka "Microsoft Edge Security Feat...

CWE-3462017

CVE-2019-1445

MEDIUM

CVSS:5.4(Medium)

A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is uniq...

CWE-3462019

CVE-2019-1447

MEDIUM

CVSS:5.4(Medium)

CWE-3462019

CVE-2020-0647

MEDIUM

CVSS:5.4(Medium)

A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Spoofing Vulnerability'.

CWE-3462020

CVE-2020-0695

MEDIUM

CVSS:5.4(Medium)

A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'.

CWE-3462020

CVE-2020-15104

MEDIUM

CVSS:5.4(Medium)

In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains. For ex...

CWE-3462020