Headline
CVE-2023-35392: Microsoft Edge (Chromium-based) Spoofing Vulnerability
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
This vulnerability requires that a user have multiple browser instances open of the affected version of Microsoft Edge (Chromium-based), one of which is a specially crafted website hosted by the attacker. The user would need to access the URL of the malicious website and then click a popup displayed on that site.