Описание
A spoofing issue was addressed with improved truncation when displaying the fully qualified domain name This issue is fixed in Safari 18.5, macOS Sequoia 15.5. A website may be able to spoof the domain name in the title of a pop-up window.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 18.5 (исключая)Версия до 15.5 (исключая)
Одно из
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.00022
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-451
Связанные уязвимости
CVSS3: 4.3
github
3 месяца назад
A spoofing issue was addressed with improved truncation when displaying the fully qualified domain name This issue is fixed in Safari 18.5, macOS Sequoia 15.5. A website may be able to spoof the domain name in the title of a pop-up window.
EPSS
Процентиль: 5%
0.00022
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-451