Apple · Webkit · CVE-2015-5906
**Name of the Vulnerable Software and Affected Versions**
iOS versions prior to 9
**Description**
The issue is related to the HTML form implementation in WebKit, which does not properly protect sensitive data. This might allow remote attackers to discover a password by leveraging a later prediction containing the last character of the password. The vulnerability is associated with a lack of protection for service data, which could enable a remote attacker to obtain a user's password.
**Recommendations**
For iOS versions prior to 9, update to iOS 9 or later to resolve the issue.