CVE-2023-40451

Summary

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
AppleSafariunspecified < 17affected

Weaknesses

  • An attacker with JavaScript execution may be able to execute arbitrary code

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References