CVE-2008-1006

2008-03-19T00:44:00
ID CVE-2008-1006
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:29:00

Description

Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML by using the window.open function to change the security context of a web page.