Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks.
References
Configurations
Information
Published : 2005-05-01 21:00
Updated : 2017-07-10 18:32
NVD link : CVE-2005-0341
Mitre link : CVE-2005-0341
JSON object : View
CWE
Products Affected
apple
- safari