WebKit in Apple Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, as used in iOS prior to 8.4.1 and other products, allows remote malicious users to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari |
||
apple iphone os |