CVE-2020-0663

MEDIUM Year: 2020
CVSS v3 Score
4.2
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

Related Vulnerabilities

CVE-2017-0066

MEDIUM
CVSS:4.2(Medium)

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is di...

NVD-CWE-Other2017

CVE-2017-0135

MEDIUM
CVSS:4.2(Medium)

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is di...

NVD-CWE-Other2017

CVE-2017-0140

MEDIUM
CVSS:4.2(Medium)

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is di...

NVD-CWE-Other2017

CVE-2017-13675

MEDIUM
CVSS:4.2(Medium)

A denial of service (DoS) attack in Symantec Endpoint Encryption before SEE 11.1.3HF2 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temp...

NVD-CWE-Other2017

CVE-2017-13679

MEDIUM
CVSS:4.2(Medium)

A denial of service (DoS) attack in Symantec Encryption Desktop before SED 10.4.1 MP2HF1 allows remote attackers to make a particular machine or network resource unavailable to its intended users by t...

NVD-CWE-Other2017

CVE-2017-18808

MEDIUM
CVSS:4.2(Medium)

NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by incorrect configuration of security settings.

NVD-CWE-Other2017