WebKit in Apple iOS prior to 9 allows remote malicious users to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari |
||
apple iphone os |