Piotr Duszynski

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 7.0 Safari versions prior to 14.0 iOS versions prior to 14.0 iPadOS versions prior to 14.0 **Description** The issue may lead to address bar spoofing when visiting a malicious website. It was addressed with improved UI handling. **Recommendations** For watchOS versions prior to 7.0, update to watchOS 7.0 to resolve the issue. For Safari versions prior to 14.0, update to Safari 14.0 to resolve the issue. For iOS versions prior to 14.0, update to iOS 14.0 to resolve the issue. For iPadOS versions prior to 14.0, update to iPadOS 14.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** McAfee SuperScan version 4.0 **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded sequences in a server response. This is due to improper handling in the SuperScan HTML report. **Recommendations** For McAfee SuperScan version 4.0, update to a version that properly handles UTF-7 encoded sequences in server responses to prevent cross-site scripting attacks.