CVE-2017-8642
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
08/08/2017
Last modified:
20/04/2025
Description
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to elevate privileges due to the way that Microsoft Edge validates JavaScript under specific conditions, aka "Microsoft Edge Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8503.
Impact
Base Score 3.x
6.10
Severity 3.x
MEDIUM
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/100046
- http://www.securitytracker.com/id/1039101
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8642
- http://www.securityfocus.com/bid/100046
- http://www.securitytracker.com/id/1039101
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8642