Apple · Safari · CVE-2013-5227
**Name of the Vulnerable Software and Affected Versions**
Apple Safari versions prior to 6.1.1
Apple Safari versions 7.x prior to 7.0.1
**Description**
The issue allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields.
**Recommendations**
For Apple Safari versions prior to 6.1.1, update to version 6.1.1 or later.
For Apple Safari versions 7.x prior to 7.0.1, update to version 7.0.1 or later.