CVE-2023-36026
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2023-36026 is a new spoofing vulnerability affecting Microsoft Edge browsers based on Chromium. This issue allows malicious actors to manipulate the display of web pages in such a way that users may be deceived into believing they are interacting with a legitimate site, when in fact they are on a fraudulent one. The attacker can use this vulnerability to mimic trusted websites, potentially stealing sensitive information or tricking users into installing malware. Microsoft is currently working on a patch to address this issue, and users are advised to keep their browsers updated to protect against exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Edge Chromium
Affected Vendors
- Microsoft