Renee Trisberg

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15.1 Security Update versions prior to 2019-001 Security Update versions prior to 2019-006 **Description** A cross-origin issue existed with `iframe` elements, allowing a malicious HTML document to potentially render iframes with sensitive user information. This issue was addressed with improved tracking of security origins. **Recommendations** For macOS versions prior to 10.15.1, update to macOS Catalina 10.15.1 or later. For systems requiring Security Update 2019-001 or 2019-006, apply the respective security update. As a temporary workaround, consider restricting the use of `iframe` elements in HTML documents until the issue is resolved.