CVE-2020-9843

Name of the Vulnerable Software and Affected Versions iOS versions prior to 13.5 iPadOS versions prior to 13.5 tvOS versions prior to 13.4.5 watchOS versions prior to 6.2.5 Safari versions prior to 13.1.1 iTunes versions prior to 12.10.7 for Windows iCloud for Windows versions prior to 11.2 and 7.19

Description The issue is related to input validation and may lead to a cross-site scripting attack when processing maliciously crafted web content. This can allow a remote attacker to perform inter-site script attacks by exploiting the vulnerability in the WebKit modules for displaying web pages.

Recommendations For iOS versions prior to 13.5, update to iOS 13.5 or later. For iPadOS versions prior to 13.5, update to iPadOS 13.5 or later. For tvOS versions prior to 13.4.5, update to tvOS 13.4.5 or later. For watchOS versions prior to 6.2.5, update to watchOS 6.2.5 or later. For Safari versions prior to 13.1.1, update to Safari 13.1.1 or later. For iTunes versions prior to 12.10.7 for Windows, update to iTunes 12.10.7 for Windows or later. For iCloud for Windows versions prior to 11.2 and 7.19, update to iCloud for Windows 11.2 or 7.19 or later.