header-logo
Suggest Exploit
vendor:
WebKit
by:
Unknown
7.5
CVSS
HIGH
Cross-Domain Scripting
Unknown
CWE
Product Name: WebKit
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Cross-Domain Scripting Vulnerability in WebKit

The WebKit browser engine fails to enforce the same-origin policy, allowing attackers to send the content of arbitrary files from the user's system to a remote server controlled by them. This can result in the disclosure of potentially sensitive information and aid in further attacks.

Mitigation:

Apply the latest security patches or updates from the vendor. Avoid visiting untrusted websites or clicking on suspicious links.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/46816/info

WebKit is prone to a cross-domain scripting vulnerability because it fails to properly enforce the same-origin policy.

Successfully exploiting this issue will allow attackers to send the content of arbitrary files from the user's system to a remote server controlled by them. This results in disclosure of potentially sensitive information which may aid in further attacks. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35434.zip

Navigation

Suggest Exploit

Services By CQR