PT-2020-20852 · Apple · Ios+2

C0D3G33K

+1

·

Published

2020-10-16

·

Updated

2023-01-09

·

CVE-2020-9903

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions Safari versions prior to 13.1.2 iOS versions prior to 13.6 iPadOS versions prior to 13.6
Description A logic issue was addressed with improved restrictions. A malicious attacker may cause Safari to suggest a password for the wrong domain.
Recommendations For Safari versions prior to 13.1.2, update to Safari 13.1.2 or later. For iOS versions prior to 13.6, update to iOS 13.6 or later. For iPadOS versions prior to 13.6, update to iPadOS 13.6 or later.

Fix

Origin Validation Error

Weakness Enumeration

CWE-346

Related Identifiers

CVE-2020-9903

Affected Products

Safari
Ios
Ipados