7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
webkit2gtk:edge is vulnerable to cross-site scripting. An input validation issue was addressed with improved input validation. Processing maliciously crafted web content may lead to a cross site scripting attack.
seclists.org/fulldisclosure/2020/Nov/18
seclists.org/fulldisclosure/2020/Nov/19
seclists.org/fulldisclosure/2020/Nov/20
seclists.org/fulldisclosure/2020/Nov/22
www.openwall.com/lists/oss-security/2020/11/23/3
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.13/community.yaml
security.gentoo.org/glsa/202012-10
support.apple.com/HT211843
support.apple.com/HT211844
support.apple.com/HT211845
support.apple.com/HT211846
support.apple.com/HT211847
support.apple.com/HT211850
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P