This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote host has a web browser installed that is affected by a
privilege escalation vulnerability.
The version of Microsoft Edge installed on the remote Windows host is
missing Cumulative Security Update 3214288. It is, therefore, affected
by a privilege escalation vulnerability due to improper enforcement of
cross-domain policies with 'about:blank'. An unauthenticated, remote
attacker can exploit this issue, via specially crafted web content, to
access information from one domain and inject it into another domain,
resulting in an elevation of privileges.
See also :
Microsoft has released a set of patches for Windows 10 and Windows
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false