CVE-2015-1156 in Safarithông tin

Tóm tắt

Bởi MITRE

The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via a crafted web site.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Nguồn

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!