CVE-2018-4374

Summary

A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

Affected Software

VendorProductVersion RangeStatus
n/aiOS, watchOS, Safari, iTunes for Windows, iCloud for WindowsVersions prior to: iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8affected

Weaknesses

  • Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting

ADP Enrichment

CVE Program Container

Additional References

References