CVE-2024-23271 | Apple macOS Website cross-domain policy

Inserito da Angelo Barbosa | Apr 24, 2024 | CVE

A vulnerability, which was classified as critical, was found in Apple macOS. Affected is an unknown function of the component Website Handler. The manipulation leads to permissive cross-domain policy with untrusted domains.

This vulnerability is traded as CVE-2024-23271. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23271 | Apple macOS Website cross-domain policy

Post correlati

CVE-2023-38519 | MainWP Dashboard Plugin up to 4.4.3.3 on WordPress sql injection

CVE-2024-2910 | Ruijie RG-EG350 up to 20240318 HTTP POST Request vpn_quickset_service.php vpnAction ip/port/user/pass/dns/startIp os command injection

CVE-2024-34012 | Acronis Cloud Manager 6.2.23089.203 on Windows default permission

CVE-2024-9443 | Basticom Framework Plugin up to 1.5.0 on WordPress SVG File Upload cross site scripting