The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2016-06-19T20:00:00
Updated: 2024-08-05T23:10:40.109Z
Reserved: 2016-01-13T00:00:00
Link: CVE-2016-1864
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-06-19T20:59:11.380
Modified: 2017-09-01T01:29:05.070
Link: CVE-2016-1864
Redhat
No data.