XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.12%
Published
2013-06-05
Updated
2013-06-05
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via vectors involving IFRAME elements.
Max CVSS
4.3
EPSS Score
0.25%
Published
2013-06-05
Updated
2013-09-27
2 vulnerabilities found