6.1
CVSSv3

CVE-2016-4585

CVSSv4: NA | CVSSv3: 6.1 | CVSSv2: 4.3 | VMScore: 710 | EPSS: 0.03003 | KEV: Not Included
Published: 22/07/2016 Updated: 21/11/2024

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 allows remote malicious users to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple webkit

Vendor Advisories

Several security issues were fixed in WebKitGTK+ ...