Apple Safari 3.1.1 allows remote malicious users to spoof the address bar by placing many "invisible" characters in the userinfo subcomponent of the authority component of the URL (aka the user field), as demonstrated by %E3%80%80 sequences.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari 3.1.1 |