2 matches found
CVE-2008-1009
Cross-site scripting XSS vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary JavaScript by modifying the history object...
CVE-2008-1009
CVE-2008-1009 is a cross-site scripting (XSS) vulnerability affecting Apple Safari before 3.1, related to WebCore. The issue arises from handling the history object, allowing an attacker to inject JavaScript that can run in other frames loaded on the same page, potentially compromising user secur...