Muhammad Zaid Ghifari

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to improper neutralization of input during web page generation, also known as 'cross-site scripting', which allows an unauthorized attacker to perform spoofing over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 129.0.6668.58 Microsoft Edge (affected versions not specified) **Description** The issue is related to insufficient data validation in the Omnibox feature of Google Chrome and Microsoft Edge browsers. This could allow a remote attacker to inject arbitrary scripts or HTML, potentially leading to cross-site scripting (XSS) attacks, if a user is convinced to perform specific UI gestures. **Recommendations** For Google Chrome versions prior to 129.0.6668.58, update to version 129.0.6668.58 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge for Android (affected versions not specified) **Description** The issue is related to the Microsoft Edge browser for Android and involves a failure to properly protect the structure of web pages. This can be exploited by a remote attacker to conduct spoofing attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to errors in the representation of information by the user interface. Exploitation of this issue may allow a remote attacker to conduct spoofing attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge for Android (affected versions not specified) **Description** The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to perform a spoofing attack. There is no information about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.