Safari is a web browser for Mac OS X and Windows.
A vulnerability in the OS X Script Editor allows a malicious web page to execute arbitrary AppleScript code without user confirmation by enticing a user to type Control-R in Safari.
Upgrade to OS X 10.11.1 or apply Security Update 2015-007.
A user must load the exploit page in Safari and type Control-R in order for the exploit to succeed.
Mac OS X