CVE-2015-3752 in Safariالمعلومات

الملخص

بحسب MITRE

The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross-origin request or (2) a private-browsing request.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

المصادر

Do you need the next level of professionalism?

Upgrade your account now!