VYPR
Medium severity6.1NVD Advisory· Published Nov 15, 2017· Updated Jun 17, 2026

CVE-2017-11863

CVE-2017-11863

Description

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to trick a user into loading a page containing malicious content, due to how the Edge Content Security Policy (CSP) validates documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11872 and CVE-2017-11874.

Affected products

4
  • Microsoft/Edge2 versions
    cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
    • (no CPE)
  • Microsoft Corporation/Microsoft Edgev5
    Range: Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709.

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.