QwikSec

Security Database

CVE

CWE

Training

CVE-2017-8504

Published: Jun 15, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read the URL of a cross-origin request when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8498.

Vendor	Product	Versions
Microsoft Corporation	Microsoft Edge	affected `Microsoft Windows 10 1607 and 1703, and Windows Server 2016.`

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8504

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.