Lucene search

CVE-2024-30056

🗓️ 25 May 2024 18:13:15Reported by microsoftType

cve🔗 web.nvd.nist.gov👁 106 Views🌐 WEB

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability CVE-2024-3005

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
CNVD	Microsoft Edge (Chromium-based) Information Disclosure Vulnerability (CNVD-2024-39657)	14 Sep 202400:00	–	cnvd
Vulnrichment	CVE-2024-30056 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability	25 May 202417:12	–	vulnrichment
Cvelist	CVE-2024-30056 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability	25 May 202417:12	–	cvelist
NVD	CVE-2024-30056	25 May 202418:15	–	nvd
GithubExploit	Exploit for Exposure of Private Personal Information to an Unauthorized Actor in Microsoft	27 May 202406:37	–	githubexploit
Microsoft CVE	Microsoft Edge (Chromium-based) Information Disclosure Vulnerability	16 May 202407:00	–	mscve
OpenVAS	Microsoft Edge (Chromium-Based) Type Confusion And Information Disclosure Vulnerabilities - May24	22 May 202400:00	–	openvas
Kaspersky	KLA67626 Multiple vulnerabilities in Microsoft Browser	16 May 202400:00	–	kaspersky
Tenable Nessus	Microsoft Edge (Chromium) < 124.0.2478.109 Multiple Vulnerabilities	17 May 202400:00	–	nessus

Nvd

Vulners

Node

microsoft edge_chromiumRange<124.0.2478.109

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft Edge (Chromium-based)",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0.0",
        "lessThan": "124.0.2478.109",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30056

Parameter	Position	Path	Description	CWE
sensitiveData	path	/steal_data	Endpoint where sensitive data is sent by the malicious script.	CWE-359
cookies	path	/steal_data	Endpoint where sensitive data is sent by the malicious script.	CWE-359
sessions	path	/steal_data	Endpoint where sensitive data is sent by the malicious script.	CWE-359
browsingHistory	path	/steal_data	Endpoint where sensitive data is sent by the malicious script.	CWE-359

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 May 2024 18:15Current

6.6Medium risk

Vulners AI Score6.6

CVSS35.4 - 7.1

EPSS0.0712

SSVC

CWE-359