CVE-2018-4374
N/A
N/A
Summary
A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | iOS, watchOS, Safari, iTunes for Windows, iCloud for Windows | Versions prior to: iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8 | affected |
Weaknesses
- Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting
ADP Enrichment
CVE Program Container
Additional References
- https://support.apple.com/kb/HT209192
- https://support.apple.com/kb/HT209195
- https://support.apple.com/kb/HT209197
- https://support.apple.com/kb/HT209198
- https://support.apple.com/kb/HT209196
References
- https://support.apple.com/kb/HT209192
- https://support.apple.com/kb/HT209195
- https://support.apple.com/kb/HT209197
- https://support.apple.com/kb/HT209198
- https://support.apple.com/kb/HT209196
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.