Apple · Safari · CVE-2013-1012
**Name of the Vulnerable Software and Affected Versions**
Apple Safari versions prior to 6.0.5
**Description**
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via vectors involving IFRAME elements.
**Recommendations**
For versions prior to 6.0.5, update to version 6.0.5 or later to resolve the issue.