CVE-2010-1760
published 2010-08-19CVE-2010-1760: loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a…
critical10CVSS 3.1
AVNACLAuNCCICAC
loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rdar problem 7905150.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | webkit | <= r58408 | — |
| apple | webkit | — | — |
| apple | webkit | — | — |
| apple | webkit | — | — |
| apple | webkit | — | — |