An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for quarantined HTML documents.
Max CVSS
6.1
EPSS Score
0.08%
Published
2017-11-13
Updated
2017-11-27
An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Help Viewer" component, which allows XSS attacks via a crafted web site.
Max CVSS
6.1
EPSS Score
26.31%
Published
2017-02-20
Updated
2017-09-01
2 vulnerabilities found