CVE-2013-5227Apple Safari vulnerability

CWE-2642 documents2 sources
Severity
6.4MEDIUMNVD
EPSS
0.6%
top 31.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Safari
Timeline
PublishedDec 18
Latest updateMay 17

Description

Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

NVDapple/safari6.1+7

🔴Vulnerability Details

1
GHSA
GHSA-3qmh-69j2-8hj7: Apple Safari before 62022-05-17