Description
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | iOS, watchOS, Safari, iTunes for Windows, iCloud for Windows | affected |
|
Configuration 1 [-]
|
Configuration 2 [-]
| AND |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2018-16163 | A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apple
Published:
Updated: 2024-08-05T05:11:22.695Z
Reserved: 2018-01-02T00:00:00.000Z
Link: CVE-2018-4377
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-04-03T18:29:11.673
Modified: 2024-11-21T04:07:17.613
Link: CVE-2018-4377
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses