XSS in Microsoft Edge

CVE-2015-6058

Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass."

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.700 (99.3th percentile) — read the EPSS interpretation.