CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS
Percentile
69.0%
WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does
not properly handle the window.console._inspectorCommandLineAPI property,
which allows user-assisted remote attackers to bypass the Same Origin
Policy and conduct cross-site scripting (XSS) attacks via a crafted web
site.
Author | Note |
---|---|
jdstrand | qt4-x11 unmaintained upstream (see README.webkit for details) |