WebKit in Apple Safari prior to 6.2.1, 7.x prior to 7.1.1, and 8.x prior to 8.0.1 allows remote malicious users to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple tvos |
||
apple iphone os |
||
apple safari 7.1.0 |
||
apple safari |
||
apple safari 8.0.0 |