E18-0pjj1
CVSS:
7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
40
Year:
2018
Description
This strike exploits a remote command execution in Microsoft Edge browser.
The vulnerability is due to lack of parameter sanitization when running an external application with a crafted hyperlink as an argument.
A user accessing an arbitrary page can be enticed to run a malicious script with a minimum of interaction, allowing the attacker to execute arbitrary commands on the system.
