CVE-2018-4377 Information
Feb 14, 2021
cve
Description
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1 watchOS 5.1 Safari 12.0.1 iTunes 12.9.1 iCloud for Windows 7.8.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reference
https://support.apple.com/kb/HT209192 https://support.apple.com/kb/HT209195 https://support.apple.com/kb/HT209196 https://support.apple.com/kb/HT209197 https://support.apple.com/kb/HT209198
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
6.1
Share on: