Microsoft Browser Information Disclosure (MS16-145: CVE-2016-7280; CVE-2016-7280)

An information disclosure vulnerability was discovered in Microsoft Edge. The vulnerability is due to an improper content validation under specific conditions in Microsoft Browser XSS Filter. An attacker who exploited the vulnerability could run arbitrary JavaScript that could lead to an information disclosure.

Leave a Reply