An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.
References
Link | Resource |
---|---|
https://support.apple.com/HT211168 | Vendor Advisory |
https://support.apple.com/HT211171 | Vendor Advisory |
https://support.apple.com/HT211175 | Vendor Advisory |
https://support.apple.com/HT211177 | Broken Link Vendor Advisory |
https://support.apple.com/HT211178 | Vendor Advisory |
https://support.apple.com/HT211179 | Vendor Advisory |
https://support.apple.com/HT211181 | Vendor Advisory |
https://support.apple.com/HT211168 | Vendor Advisory |
https://support.apple.com/HT211171 | Vendor Advisory |
https://support.apple.com/HT211175 | Vendor Advisory |
https://support.apple.com/HT211177 | Broken Link Vendor Advisory |
https://support.apple.com/HT211178 | Vendor Advisory |
https://support.apple.com/HT211179 | Vendor Advisory |
https://support.apple.com/HT211181 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:41
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.apple.com/HT211168 - Vendor Advisory | |
References | () https://support.apple.com/HT211171 - Vendor Advisory | |
References | () https://support.apple.com/HT211175 - Vendor Advisory | |
References | () https://support.apple.com/HT211177 - Broken Link, Vendor Advisory | |
References | () https://support.apple.com/HT211178 - Vendor Advisory | |
References | () https://support.apple.com/HT211179 - Vendor Advisory | |
References | () https://support.apple.com/HT211181 - Vendor Advisory |
Information
Published : 2020-06-09 17:15
Updated : 2024-11-21 05:41
NVD link : CVE-2020-9843
Mitre link : CVE-2020-9843
CVE.ORG link : CVE-2020-9843
JSON object : View
Products Affected
apple
- icloud
- watchos
- itunes
- iphone_os
- ipados
- safari
- tvos
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')