PT-2019-11007 · Apple+3 · Webkit+3

Thomi

·

Published

2018-06-01

·

Updated

2024-06-15

·

CVE-2018-6128

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Google Chrome on iOS versions prior to 67.0.3396.62
Description: The issue concerns incorrect URL parsing in WebKit, allowing a remote attacker to perform domain spoofing via a crafted HTML page.
Recommendations: For versions prior to 67.0.3396.62, update to version 67.0.3396.62 or later to resolve the issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

ALT-PU-2018-1959
CVE-2018-6128
MGASA-2018-0268
OPENSUSE-SU-2018_1484-1
OPENSUSE-SU-2018_2055-1
OPENSUSE-SU-2024:10681-1
OPENSUSE-SU-2024:12948-1

Affected Products

Alt Linux
Google Chrome
Suse
Webkit