VYPR
Medium severity6.5NVD Advisory· Published Nov 15, 2017· Updated Jun 17, 2026

CVE-2017-11872

CVE-2017-11872

Description

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice, due to how Microsoft Edge handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11863 and CVE-2017-11874.

Affected products

4
  • Microsoft/Edge2 versions
    cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
    • (no CPE)
  • Range: 10 1607, 1703, Server 2016
  • Microsoft Corporation/Microsoft Edgev5
    Range: Microsoft Windows 10 1607, 1703, and Windows Server 2016.

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.