WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 up to and including 1.1.2, and iPod touch 1.1 up to and including 1.1.2 allows remote malicious users to "navigate the subframes of any other page," which can be leveraged to conduct cross-site scripting (XSS) attacks and obtain sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari |