From c89dac4d05e1481eb005e8cf9fa8574262dc783b Mon Sep 17 00:00:00 2001 From: nu11secur1ty Date: Fri, 7 Jul 2023 10:26:03 +0300 Subject: [PATCH] Update README.MD --- 2023/CVE-2023-33145/README.MD | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/2023/CVE-2023-33145/README.MD b/2023/CVE-2023-33145/README.MD index 657d30a..be04565 100644 --- a/2023/CVE-2023-33145/README.MD +++ b/2023/CVE-2023-33145/README.MD @@ -7,8 +7,9 @@ ## Description: The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, nonces, cookies, IP, User-Agent, and other sensitive information. The user would have to click on a specially crafted URL to be compromised by the attacker. -In this example, the attacker use `STRIDE Threat Modeling` to spoof the victim to click on his website and done. -This will be hard to detect. +In this example, the attacker uses `STRIDE Threat Modeling` to spoof the victim to click on his website and done. +This is the general spoofing vulnerability and does not cover only EDGE, all browsers can be manipulated this way +on every OS. This will be hard to detect. ## Conclusion: Please be careful, for suspicious sites or be careful who sending you an link to open!