CVE-2013-1013 — Improper Input Validation in Apple Safari

CWE-20 — Improper Input Validation3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 56.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari

Timeline

PublishedJun 5

Latest updateMay 17

Description

XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/safari6.0.4+4

🔴Vulnerability Details

GHSA

GHSA-v2j2-j5rx-h5mx: XSS Auditor in WebKit in Apple Safari before 6↗2022-05-17

▶

OSV

CVE-2013-1013: XSS Auditor in WebKit in Apple Safari before 6↗2013-06-05

▶