Cross-site Scripting Vulnerability in Apple Safari
CVE-2010-1420

Currently unrated

Key Information:

Vendor: Apple
Status: Cfnetwork; Safari
Vendor: CVE Published:; 21 July 2011

Summary

A cross-site scripting (XSS) vulnerability exists in CFNetwork within Apple Safari that allows remote attackers to inject arbitrary scripts or HTML into webpages via specially crafted text/plain files. This could lead to unauthorized access, data theft, or other harmful consequences as attackers exploit the vulnerability to run malicious code in the context of a trusted site.

References

http://support.apple.com/kb/HT4808

x_refsource_CONFIRM

http://lists.apple.com/archives/security-announce/2011//J...

vendor-advisoryx_refsource_APPLE

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 21, 2011