CVE-2015-5827

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 9

Description The issue is related to a lack of protection for internal data in the WebKit component of the iOS operating system. This can be exploited by a remote attacker to bypass existing access restriction rules, potentially allowing them to obtain object references. Specifically, the exploitation involves vectors related to custom events, message events, or pop state events, which can lead to bypassing the Same Origin Policy.

Recommendations For versions prior to 9, update to a version 9 or later to resolve the issue. As a temporary workaround, consider restricting access to WebKit components until a patch is available.