Vulnerability
Microsoft Edge Elevation of Privilege Vulnerability
Vulnerability Description
This vulnerability allows an attacker to execute javascript code on every host without the permission, also an attacker can steal local system files, and this also results in changing internal developer settings in Microsoft Edge.
CVE-ID
CVE-2019-0678
Vendor
Microsoft
Product
Microsoft Edge
Disclosure Timeline
- 28 November 2018 reported to the vendor
- 03 December 2019 coordinated public release of advisory
Credits
Nikhil Mittal