CVE-2019-8503

Summary

A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website.

Affected Software

VendorProductVersion RangeStatus
AppleiOSunspecified < iOS 12.2affected
AppletvOSunspecified < tvOS 12.2affected
AppleSafariunspecified < Safari 12.1affected
AppleiTunes for Windowsunspecified < iTunes 12.9.4 for Windowsaffected
AppleiCloud for Windowsunspecified < iCloud for Windows 7.11affected

Weaknesses

  • A malicious website may be able to execute scripts in the context of another website

ADP Enrichment

CVE Program Container

Additional References

References