A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Sep 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 16 Sep 2024 23:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2024-09-16T23:23:16.230Z
Updated: 2024-09-17T13:46:52.600Z
Reserved: 2024-08-20T21:42:05.933Z
Link: CVE-2024-44187
Vulnrichment
Updated: 2024-09-17T13:46:45.960Z
NVD
Status : Awaiting Analysis
Published: 2024-09-17T00:15:52.037
Modified: 2024-09-20T12:31:20.110
Link: CVE-2024-44187
Redhat
No data.