CVE-2006-0389 — Cross-site Scripting in Apple MAC OS X

2 documents2 sources

Severity

2.6LOWNVD

EPSS

0.6%

top 30.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedMar 3

Latest updateMay 1

Description

Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶NVDapple/mac_os_x6 versions+5

▶NVDapple/mac_os_x_server6 versions+5

Patches

Patch: lists.apple.com ↗Patch: secunia.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-rf37-96c2-34pf: Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10↗2022-05-01

▶