← back
CVE-2012-3695

CVE-2012-3695

EPSS 1.1%
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML by leveraging improper URL canonicalization during the handling of the location.href property.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2012/Sep/msg00003.htmlhttp://support.apple.com/kb/HT5400http://support.apple.com/kb/HT5503http://www.securityfocus.com/bid/54695