CVE-2010-1382

Name of the Vulnerable Software and Affected Versions Mac OS X versions 10.5.8, and 10.6 through 10.6.3

Description A cross-site scripting (XSS) issue exists, allowing remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content. This is related to the lack of a charset field.

Recommendations For Mac OS X version 10.5.8, update to a newer version to mitigate the risk. For Mac OS X versions 10.6 through 10.6.3, update to version 10.6.4 or later.