ID | CVE-2014-1346 | ||||||
Sažetak | WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL. | ||||||
Reference | |||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:N/AC:L/Au:N/C:N/I:P/A:N | ||||||
Zadnje važnije ažuriranje | 08-12-2015 - 20:28 | ||||||
Objavljeno | 22-05-2014 - 19:55 |