Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving submission of a form to the about:blank URL, leading to security-context replacement.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apple safari 3.1.2 |
||
apple safari 0.8 |
||
apple safari 2.0 |
||
apple safari 2.0.2 |
||
apple safari 3.1.1 |
||
apple safari 3.1 |
||
apple safari 1.3.1 |
||
apple safari 1.3.2 |
||
apple safari 3.0.2 |
||
apple safari 0.9 |
||
apple safari 3.0 |
||
apple safari 1.0 |
||
apple safari 1.0.3 |
||
apple safari 1.1 |
||
apple safari 2.0.4 |
||
apple safari 3.2.1 |
||
apple safari 3.0.3 |
||
apple safari 3.0.4 |
||
apple safari 1.2 |
||
apple safari 1.3 |
||
apple safari 3.2.3 |
||
apple safari |
||
apple safari 3.2 |
||
apple safari 3.0.1 |
||
apple safari 3.2.2 |
Vulmon