PT-2019-19057 · Apple · Ios+1
Ryan Pickren
·
Publicado
2019-12-18
·
Atualizado
2019-12-31
·
CVE-2019-8505
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
iOS versions prior to 12.2
Safari versions prior to 12.1
Description
A logic issue was addressed with improved validation. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.
Recommendations
For iOS versions prior to 12.2, update to iOS 12.2 to resolve the issue.
For Safari versions prior to 12.1, update to Safari 12.1 to resolve the issue.
As a temporary workaround, consider disabling the Safari Reader feature until a patch is available.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Safari
Ios