I'm pretty sure a read exploit in a web page wouldn't be in the same process as the passwords.

If you can cross over to the main Edge process, you can probably get it to remove any encryption it applied itself.