← Back

CVE-2016-7281

nvd nist
Published: Dec 20, 2016Modified: May 6, 2026

JSON object

Loading...
5.3
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Exploitability: 1.6 / Impact: 3.6
Source: NVD

Description

The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."

Affected (3)

Microsoft
2 products
Edge
Internet Explorer
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Edge
All versions
Microsoft
Internet Explorer
Version 10
Internet Explorer
Version 11

Related CWEs

CWE-254
CWE-254

References (8)

Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.