CVE-2013-1013

XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via unspecified vectors.