CVE-2018-4133

An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
Link Resource
https://support.apple.com/HT208695 Vendor Advisory
http://www.securitytracker.com/id/1040606 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/103580 Third Party Advisory VDB Entry
https://usn.ubuntu.com/3635-1/ Third Party Advisory
https://security.gentoo.org/glsa/201808-04 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

Configuration 3 (hide)

cpe:2.3:a:webkitgtk:webkitgtk\+:*:*:*:*:*:*:*:*

Information

Published : 2018-04-02 23:29

Updated : 2018-11-09 10:03


NVD link : CVE-2018-4133

Mitre link : CVE-2018-4133


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

webkitgtk

  • webkitgtk\+

canonical

  • ubuntu_linux

apple

  • safari