3 matches found
CVE-2018-4377
The CVE describes a cross-site scripting (XSS) issue in Safari via malformed URLs that could affect Safari on iOS, watchOS, macOS (Safari 12.0.1) and related Apple apps (iTunes 12.9.1, iCloud for Windows 7.8). Root cause: insufficient URL validation. Impact during exploitation is an XSS condition...
Apple iTunes < 12.9.1 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the HT209197 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
Apple iTunes < 12.9.1 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the HT209197 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...