CVE-2020-9952

Summary

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack.

Affected Software

VendorProductVersion RangeStatus
AppleiOSunspecified < iOS 14.0 and iPadOS 14.0affected
AppletvOSunspecified < tvOS 14.0affected
ApplewatchOSunspecified < watchOS 7.0affected
AppleSafariunspecified < Safari 14.0affected
AppleiCloud for Windowsunspecified < iCloud for Windows 11.4affected
AppleiCloud for Windows (Legacy)unspecified < iCloud for Windows 7.21affected

Weaknesses

  • Processing maliciously crafted web content may lead to a cross site scripting attack

ADP Enrichment

CVE Program Container

Additional References

References