AI Score
Confidence
Low
EPSS
Percentile
31.3%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
A cross-origin issue existed with “iframe” elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.