CVE-2024-26163: 
vulnerability analysis and mitigation

Microsoft Edge (Chromium-based) contains a Security Feature Bypass Vulnerability identified as CVE-2024-26163. The vulnerability was discovered and reported to Microsoft, with the initial CVE record being created on February 14, 2024. This security issue affects Microsoft Edge versions prior to 122.0.2365.92 (MSRC Update, ASEC Advisory).

The vulnerability has been assessed with a CVSS v3.1 Base Score of 4.7 (MEDIUM), with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N. This indicates that the vulnerability is network-accessible, requires low attack complexity, needs no privileges, requires user interaction, has changed scope, and can impact integrity with low severity (NVD).

The vulnerability is classified as a Security Feature Bypass, which could potentially allow attackers to circumvent security features in Microsoft Edge. The CVSS scoring indicates that while there is no impact on confidentiality or availability, there is a low impact on integrity (MSRC Update).

Microsoft has released a security update to address this vulnerability in Microsoft Edge version 122.0.2365.92. Users are advised to update their browsers to this version or later to mitigate the security risk (ASEC Advisory).