CVE-2014-4363
CVE-2014-4363 affects Safari/WebKit in iOS prior to iOS 8. The root issue is improper restriction of password autofill in forms, enabling an attacker to obtain user credentials via (1) an HTTP site, (2) an HTTPS site with an invalid/broken certificate, or (3) an iframe. Public writeups describe t...