2 matches found
CVE-2021-43844
MSEdgeRedirect is a tool to redirect news, search, widgets, weather, and more to a user's default browser. MSEdgeRedirect versions before 0.5.0.1 are vulnerable to Remote Code Execution via specifically crafted URLs. This vulnerability requires user interaction and the acceptance of a prompt. Wit...
CVE-2021-43844
The CVE-2021-43844 entry affects MSEdgeRedirect before version 0.5.0.1, which is vulnerable to Remote Code Execution via specially crafted URLs. The root cause is in DecodeAndRun(), where file:/// resources bypassed the URL check, allowing crafted URLs to trigger payload execution after user inte...