Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-0478 | 1 Apple | 3 Mac Os X, Safari, Webcore | 2018-10-16 | 4.3 MEDIUM | N/A |
WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment. | |||||
CVE-2007-2409 | 1 Apple | 3 Mac Os X, Mac Os X Server, Webcore | 2017-07-28 | 4.3 MEDIUM | N/A |
Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window. | |||||
CVE-2007-2410 | 1 Apple | 3 Mac Os X, Mac Os X Server, Webcore | 2017-07-28 | 4.3 MEDIUM | N/A |
WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks. |