Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 allows remote malicious users to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari 3.0.4b |
||
apple safari 2.0.3 |
||
apple safari 3.0.4 |
||
apple safari 3.0.1 |
||
apple safari 2.0.1 |
||
apple safari 2.0.2 |
||
apple safari 3.0.0 |
||
apple safari 3.0.3b |
||
apple safari 3.0.3 |
||
apple safari 3.0.2b |
||
apple safari 3.0.2 |
||
apple safari 2.0.0 |
||
apple safari 2.0 |
||
apple safari 3.1.1 |
||
apple safari 3.1.0 |
||
apple safari 3.0.1b |
||
apple safari |
||
apple safari 3.2.0 |
||
apple safari 3.1.2 |
||
apple safari 2.0.4 |
||
apple safari 3.1.0b |
||
apple safari 3.0.0b |
||
apple safari 3.2.1 |
||
apple safari 3.0 |
||
apple iphone_os 1.0.2 |
||
apple iphone_os 2.2 |
||
apple iphone_os 1.1.1 |
||
apple iphone_os 2.0.0 |
||
apple iphone_os 1.1.2 |
||
apple iphone_os 1.1.3 |
||
apple iphone_os 1.1.0 |
||
apple iphone_os 1.0.1 |
||
apple iphone_os 2.1 |
||
apple iphone_os 1.1.5 |
||
apple iphone_os 2.1.1 |
||
apple iphone_os 2.0.2 |
||
apple iphone_os 2.0.1 |
||
apple iphone_os 2.2.1 |
||
apple iphone_os 2.0 |
||
apple iphone_os 1.1.4 |
||
apple iphone_os 1.0.0 |
||
apple ipod_touch |
||
apple iphone_os |