Cross site scripting

2007-05-2418:30:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

0.028 Low

EPSS

Percentile

90.7%

JSON

Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via Javascript, as demonstrated by a js script that accesses the location information of cross-domain web pages, probably involving setTimeout and timed events.

CPENameOperatorVersion
safarieq2.0.4

CPE	Name	Operator	Version
	safari	eq	2.0.4

References

osvdb.org/38859

www.businessinfo.co.uk/labs/googlesnoop/snoop.html

www.securityfocus.com/bid/24121

www.thespanner.co.uk/2007/05/18/safari-needs-fixing/