CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
89.8%
Apple Safari allows remote attackers to discover a redirect’s target URL,
for the session of a specific user of a web site, by placing the site’s URL
in the HREF attribute of a stylesheet LINK element, and then reading the
document.styleSheets[0].href property value.
Author | Note |
---|---|
jdstrand | qt4-x11 unmaintained upstream (see README.webkit for details) also see webkit ML id: 517633587.414181263500810776.JavaMail.root@zmail01.collab.prod.int.phx2.redhat.com |