Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-28871

Опубликовано: 25 мар. 2026
Источник: nvd
CVSS3: 4.3
EPSS Низкий

Описание

A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Версия до 26.4 (исключая)
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Версия до 18.7.7 (исключая)
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Версия от 26.0 (включая) до 26.4 (исключая)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Версия до 18.7.7 (исключая)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Версия от 26.0 (включая) до 26.4 (исключая)
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Версия до 26.4 (исключая)

EPSS

Процентиль: 19%
0.00276
Низкий

4.3 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2026-28871

CVSS3: 4.3
ubuntu
3 месяца назад

A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.

redhat логотип

CVE-2026-28871

CVSS3: 4.3
redhat
3 месяца назад

A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.

debian логотип

CVE-2026-28871

CVSS3: 4.3
debian
3 месяца назад

A logic issue was addressed with improved checks. This issue is fixed ...

github логотип

GHSA-m46v-chmw-rw9m

CVSS3: 4.3
github
3 месяца назад

A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.

suse-cvrf логотип

SUSE-SU-2026:1648-1

suse-cvrf
около 2 месяцев назад

Security update for webkit2gtk3

EPSS

Процентиль: 19%
0.00276
Низкий

4.3 Medium

CVSS3

Дефекты

CWE-79