Medium severity4.2NVD Advisory· Published Mar 17, 2017· Updated May 13, 2026

CVE-2017-0140

Description

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0135.

Affected products

Microsoft/Edgellm-fuzzy2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: Edge

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0140nvdPatchVendor Advisory
www.securityfocus.com/bid/96653nvd
www.securitytracker.com/id/1038006nvd

News mentions

No linked articles in our index yet.

cvss	0.273
epss	0.012
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000