Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2016-7280
HistoryDec 20, 2016 - 6:59 a.m.

CVE-2016-7280

2016-12-2006:59:01
CWE-79
[email protected]
web.nvd.nist.gov
30
4
cve-2016-7280
cross-site scripting
xss
microsoft edge
information disclosure
vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

5.8 Medium

AI Score

Confidence

High

0.175 Low

EPSS

Percentile

96.2%

JSON

Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka “Microsoft Edge Information Disclosure Vulnerability,” a different vulnerability than CVE-2016-7206.

Affected configurations

NVD
Node
microsoftedgeMatch-
CPENameOperatorVersion
microsoft:edgemicrosoft edgeeq-

Social References

More

Related

prion 2
cvelist 2
nvd 2
cve 1
checkpoint_advisories 2
symantec 2
mscve 2
openvas 1
mskb 4
nessus 1
kaspersky 1
thn 1
threatpost 1
prion
prion
Information disclosure
2016-12-20 06:59:00
Information disclosure
2016-12-20 06:59:00
cvelist
cvelist
CVE-2016-7206
2016-12-20 05:54:00
CVE-2016-7280
2016-12-20 05:54:00
nvd
nvd
CVE-2016-7206
2016-12-20 06:59:00
CVE-2016-7280
2016-12-20 06:59:01
cve
cve
CVE-2016-7206
2016-12-20 06:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Browser Information Disclosure (MS16-145: CVE-2016-7280)
2016-12-13 00:00:00
Microsoft Browser Information Disclosure (MS16-145: CVE-2016-7206)
2016-12-13 00:00:00
symantec
symantec
Microsoft Edge CVE-2016-7280 Information Disclosure Vulnerability
2016-12-13 00:00:00
Microsoft Edge CVE-2016-7206 Information Disclosure Vulnerability
2016-12-13 00:00:00
mscve
mscve
Microsft Browser Information Disclosure Vulnerability
2016-12-13 08:00:00
Microsft Browser Information Disclosure Vulnerability
2016-12-13 08:00:00
openvas
openvas
Microsoft Edge Multiple Vulnerabilities (3204062)
2016-12-14 00:00:00
mskb
mskb
MS16-145: Cumulative security update for Microsoft Edge: December 13, 2016
2016-12-13 00:00:00
December 13, 2016 — KB3205383 (OS Build 10240.17202)
2016-12-13 08:00:00
December 13, 2016 — KB3205386 (OS Build 10586.713)
2016-12-13 08:00:00
nessus
nessus
MS16-145: Cumulative Security Update for Microsoft Edge (3204062)
2016-12-14 00:00:00
kaspersky
kaspersky
KLA10920 Multiple vulnerabilities in Microsoft Browser
2016-12-13 00:00:00
thn
thn
Microsoft releases 12 Security Updates; Including 6 Critical Patches
2016-12-14 01:07:00
threatpost
threatpost
Microsoft Patches Publicly Disclosed IE, Edge Vulnerabilities
2016-12-13 15:27:58

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

5.8 Medium

AI Score

Confidence

High

0.175 Low

EPSS

Percentile

96.2%

JSON
Related for CVE-2016-7280
prion2cvelist2nvd2cve1checkpoint_advisories2symantec2mscve2openvas1mskb4nessus1kaspersky1thn1threatpost1