CVE-2024-23271 | Apple tvOS Website cross-domain policy

Inserito da Angelo Barbosa | Apr 24, 2024 | CVE

A vulnerability classified as critical has been found in Apple tvOS. This affects an unknown part of the component Website Handler. The manipulation leads to permissive cross-domain policy with untrusted domains.

This vulnerability is uniquely identified as CVE-2024-23271. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23271 | Apple tvOS Website cross-domain policy

Post correlati

CVE-2024-1401 | Profile Box Shortcode and Widget Plugin up to 1.2.0 on WordPress cross site scripting

CVE-2024-20520 | Cisco RV042/RV042G/RV320/RV325 up to 4.2.3.14 Web-based Management Interface stack-based overflow (cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV)

CVE-2024-26311 | Archer Platform up to 6.14 P2 cross site scripting

CVE-2024-27054 | Linux Kernel up to 5.15.152/6.1.82/6.6.22/6.7.10/6.8.1 s390 Privilege Escalation