CVE-2019-6228
Summary
| CVE | CVE-2019-6228 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-03-05 16:29:00 UTC |
| Updated | 2019-03-06 14:18:00 UTC |
| Description | A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue is fixed in iOS 12.1.3, Safari 12.0.3. Processing maliciously crafted web content may lead to a cross site scripting attack. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Apple Safari and iOS CVE-2019-6228 Cross Site Scripting Vulnerability | BID | www.securityfocus.com | Third Party Advisory |
| About the security content of Safari 12.0.3 - Apple Support | CONFIRM | support.apple.com | Vendor Advisory |
| About the security content of iOS 12.1.3 - Apple Support | CONFIRM | support.apple.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.