CVE-2015-1156 in Safariinformazioni

Riassunto

di MITRE

The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via a crafted web site.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Fonti

Want to know what is going to be exploited?

We predict KEV entries!