CVE-2016-7650 — Cross-site Scripting in Apple Iphone OS

Vendor	Product	Version range	Fixed in
apple	ios	—	—
apple	iphone_os	<= 10.1.1	—
apple	safari	<= 10.0.1	—
apple	safari	—	—

Apple

CVE-2016-7650: Safari 10.0.2

vendor_apple·2016-12-13·CVSS 4.7

CVE-2016-7650 [MEDIUM] CVE-2016-7650: Safari 10.0.2 Apple Security Update: About the security content of Safari 10.0.2 Product: Safari Version: 10.0.2 CVE: CVE-2016-7650 Component: Safari Reader Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: Multiple validation issues were addressed through improved input sanitization.

Apple

CVE-2016-7650: iOS 10.2

vendor_apple·2016-12-12·CVSS 4.7

CVE-2016-7650 [MEDIUM] CVE-2016-7650: iOS 10.2 Apple Security Update: About the security content of iOS 10.2 Product: iOS Version: 10.2 CVE: CVE-2016-7650 Component: Safari Reader Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: Multiple validation issues were addressed through improved input sanitization.

GHSA

GHSA-p59j-f36r-7h6h: An issue was discovered in certain Apple products

ghsa_unreviewed·2022-05-17

CVE-2016-7650 [MEDIUM] CWE-79 GHSA-p59j-f36r-7h6h: An issue was discovered in certain Apple products An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "Safari Reader" component, which allows remote attackers to conduct UXSS attacks via a crafted web site.

CVE-2016-7650: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "Safari Reader"…

Affected

CVSS provenance