CFNetwork HTTPProtocol in Apple iOS prior to 9.2 and OS X prior to 10.11.2 allows man-in-the-middle malicious users to bypass the HSTS protection mechanism via a crafted URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os |
||
apple mac os x |