CVE-2010-1760

2010-08-19T22:00:00
ID CVE-2010-1760
Type cve
Reporter cve@mitre.org
Modified 2011-03-18T02:49:00

Description

loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rdar problem 7905150.