CVE-2021-1748

Summary

A validation issue was addressed with improved input sanitization. This issue is fixed in tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOSunspecified < 14.4affected
ApplewatchOSunspecified < 7.3affected
AppletvOSunspecified < 14.4affected

Weaknesses

  • Processing a maliciously crafted URL may lead to arbitrary javascript code execution

ADP Enrichment

CVE Program Container

Additional References

References