Microsoft Edge for Android Spoofing Vulnerability

Microsoft Edge for Android has a spoofing vulnerability that allows an attacker to deceive users into thinking they're visiting a legitimate website when they're actually on a malicious one. This matters because users might unknowingly share sensitive information or download harmful content.

The vulnerability (CWE-1021: Improper Restriction of Rendered UI Layers) enables attackers to spoof the user interface of Microsoft Edge on Android, potentially masking the true origin or destination of user actions. This could involve overlaying or manipulating visual elements to deceive users about which website they are interacting with, requiring only that the user interact with the spoofed interface.