PT-2018-16524 · Apple+2 · Icloud+6
Saelo
+1
·
Published
2018-09-24
·
Updated
2019-04-04
·
CVE-2018-4309
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Apple Safari versions prior to iOS 12
Apple Safari versions prior to tvOS 12
Apple Safari version prior to 12
Apple iTunes version prior to 12.9 for Windows
Apple iCloud for Windows version prior to 7.7
Description
A cross-site scripting issue existed in Safari, which was addressed with improved URL validation.
Recommendations
For versions prior to iOS 12, update to iOS 12 or later.
For versions prior to tvOS 12, update to tvOS 12 or later.
For version prior to 12 of Safari, update to Safari 12 or later.
For version prior to 12.9 of iTunes for Windows, update to iTunes 12.9 or later for Windows.
For version prior to 7.7 of iCloud for Windows, update to iCloud for Windows 7.7 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Safari
Suse
Ubuntu
Icloud
Ios
Itunes
Tvos