Skip to main content

Exposure of Private Personal Information to an Unauthorized Actor

CVE-2024-30056

Severity High
Score 8.1/10

Summary

Microsoft Edge versions prior to 124.0.2478.109 (Chromium-based versions prior to 124.0.6367.221) are vulnerable to Information Disclosure Vulnerability.

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • LOW
  • HIGH
  • NONE

CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

References

Advisory Timeline

  • Published