CVE-2020-9843

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*
cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*
cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:41

Type Values Removed Values Added
References () https://support.apple.com/HT211168 - Vendor Advisory () https://support.apple.com/HT211168 - Vendor Advisory
References () https://support.apple.com/HT211171 - Vendor Advisory () https://support.apple.com/HT211171 - Vendor Advisory
References () https://support.apple.com/HT211175 - Vendor Advisory () https://support.apple.com/HT211175 - Vendor Advisory
References () https://support.apple.com/HT211177 - Broken Link, Vendor Advisory () https://support.apple.com/HT211177 - Broken Link, Vendor Advisory
References () https://support.apple.com/HT211178 - Vendor Advisory () https://support.apple.com/HT211178 - Vendor Advisory
References () https://support.apple.com/HT211179 - Vendor Advisory () https://support.apple.com/HT211179 - Vendor Advisory
References () https://support.apple.com/HT211181 - Vendor Advisory () https://support.apple.com/HT211181 - Vendor Advisory

Information

Published : 2020-06-09 17:15

Updated : 2024-11-21 05:41


NVD link : CVE-2020-9843

Mitre link : CVE-2020-9843

CVE.ORG link : CVE-2020-9843


JSON object : View

Products Affected

apple

  • icloud
  • watchos
  • itunes
  • iphone_os
  • ipados
  • safari
  • tvos
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')