CVE-2020-3867

Sažetak

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.

Reference

https://support.apple.com/HT210947
https://support.apple.com/HT210948
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00004.html
https://security.gentoo.org/glsa/202003-22

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

22-12-2021 - 18:04

Objavljeno

27-02-2020 - 21:15