3 matches found
CVE-2008-1006
Cross-site scripting XSS vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML by using the window.open function to change the security context of a web page...
CVE-2008-1006
Cross-site scripting XSS vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML by using the window.open function to change the security context of a web page...
CVE-2008-1006
CVE-2008-1006 is a cross-site scripting (XSS) vulnerability in WebCore used by Apple Safari before 3.1. The underlying issue is in WebKit/WebCore where the window.open function can change the security context of a page, enabling remote attackers to inject arbitrary script or HTML in the victim’s ...