5.8
CVSSv2

CVE-2020-9952

Published: 16/10/2020 Updated: 23/12/2020
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.1 | Impact Score: 3.7 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

Vulnerability Summary

An input validation issue was found in webkit2gtk prior to 2.28.3. Processing maliciously crafted web content might have lead to a cross site scripting attack.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple icloud

apple safari

apple ipad os

apple iphone os

apple tvos

apple watchos

Vendor Advisories

An input validation issue was found in webkit2gtk before 2283 Processing maliciously crafted web content might have lead to a cross site scripting attack ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-09-16-3 Safari 140 Safari 140 is now available and addresses the following: WebKit Available for: macOS Catalina and macOS Mojave, and included in macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issu ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-09-16-4 watchOS 70 watchOS 70 is now available and addresses the following: Keyboard Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to leak sensitive user information Description: A logic issue was addressed with improved state management ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-09-16-2 tvOS 140 tvOS 140 is now available and addresses the following: Assets Available for: Apple TV 4K and Apple TV HD Impact: An attacker may be able to misuse a trust relationship to download malicious content Description: A trust issue was addressed by removing a legacy API C ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 140 Safari 140 addresses the following issues Information about the security content is also available at supportapplecom/HT211845 Safari Available for: macOS Catalina and macOS Mojave, and included in macOS ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-09-16-1 iOS 140 and iPadOS 140 iOS 140 and iPadOS 140 are now available and address the following: AppleAVD Available for: iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later Impact: An application may be able to cause unexpected system ...
------------------------------------------------------------------------ WebKitGTK and WPE WebKit Security Advisory WSA-2020-0008 ------------------------------------------------------------------------ Date reported : November 23, 2020 Advisory ID : WSA-2020-0008 WebKitGTK Advisory URL : webkitgtkor ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 70 watchOS 70 addresses the following issues Information about the security content is also available at supportapplecom/HT211844 Audio Available for: Apple Watch Series 3 and later Impact: A malicious appl ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 140 tvOS 140 addresses the following issues Information about the security content is also available at supportapplecom/HT211843 Assets Available for: Apple TV 4K and Apple TV HD Impact: An attacker may be abl ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 140 and iPadOS 140 iOS 140 and iPadOS 140 addresses the following issues Information about the security content is also available at supportapplecom/HT211850 AppleAVD Available for: iPhone 6s and later, iPod ...