PT-2018-16537 · Apple+2 · Itunes For Windows+7

Shhnjk

Published

2018-11-22

Updated

2024-06-15

CVE-2018-4345

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Safari versions prior to 12 iOS versions prior to 12 tvOS versions prior to 12 iTunes for Windows versions prior to 12.9 iCloud for Windows versions prior to 7.7

Description A cross-site scripting issue existed in Safari, which was addressed with improved URL validation.

Recommendations For Safari versions prior to 12, update to version 12 or later to resolve the issue. For iOS versions prior to 12, update to version 12 or later to resolve the issue. For tvOS versions prior to 12, update to version 12 or later to resolve the issue. For iTunes for Windows versions prior to 12.9, update to version 12.9 or later to resolve the issue. For iCloud for Windows versions prior to 7.7, update to version 7.7 or later to resolve the issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2018-4345

OPENSUSE-SU-2019:0081-1

OPENSUSE-SU-2019_0068-1

OPENSUSE-SU-2019_0081-1

OPENSUSE-SU-2024:11506-1

SUSE-SU-2019:0059-1

SUSE-SU-2019:0092-1

USN-3828-1

Affected Products

Safari

Suse

Ubuntu

Icloud For Windows

Ios

Itunes

Itunes For Windows

Tvos

PT-2018-16537 · Apple+2 · Itunes For Windows+7

CVE-2018-4345

Weakness Enumeration

Related Identifiers

Affected Products

References · 189