Apple : Security Vulnerabilities, CVEs, Published In 2015 (XSS)
Cross-site scripting (XSS) vulnerability in Notes in Apple OS X before 10.11 allows local users to inject arbitrary web script or HTML via crafted text.
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-10-09
Updated
2016-12-09
Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered during a Quick Look search.
Max CVSS
4.3
EPSS Score
0.22%
Published
2015-08-16
Updated
2017-09-21
Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content.
Max CVSS
4.3
EPSS Score
0.25%
Published
2015-07-03
Updated
2016-12-28
3 vulnerabilities found