source: http://www.securityfocus.com/bid/46816/info
WebKit is prone to a cross-domain scripting vulnerability because it fails to properly enforce the same-origin policy.
Successfully exploiting this issue will allow attackers to send the content of arbitrary files from the user's system to a remote server controlled by them. This results in disclosure of potentially sensitive information which may aid in further attacks.
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35434.zip