CVE-2012-0587Cross-site Scripting in Apple Iphone OS

CWE-79Cross-site Scripting8 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
0.6%
top 30.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Iphone OS
Timeline
PublishedMar 8
Latest updateMay 14

Description

Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDapple/iphone_os< 5.1

🔴Vulnerability Details

4
GHSA
GHSA-v9r6-47xh-p672: Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 52022-05-14
GHSA
GHSA-gh4v-9327-mcw8: Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 52022-05-14
GHSA
GHSA-pgwp-3x35-q886: Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 52022-05-14
GHSA
GHSA-f959-hv38-625c: Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 52022-05-14
CVE-2012-0587 — Cross-site Scripting in Apple Iphone OS | cvebase