CVE-2024-23271 | Apple watchOS Website cross-domain policy

Posted by Angelo Barbosa | Apr 24, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Apple watchOS. This issue affects some unknown processing of the component Website Handler. The manipulation leads to permissive cross-domain policy with untrusted domains.

The identification of this vulnerability is CVE-2024-23271. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23271 | Apple watchOS Website cross-domain policy

Related Posts

CVE-2024-1418 | CGC Maintenance Mode Plugin up to 1.2 on WordPress information disclosure

CVE-2024-6852 | WP MultiTasking Plugin up to 0.1.12 on WordPress Setting cross-site request forgery

CVE-2024-26445 | flusity CMS 2.33 delete_place.php cross-site request forgery

CVE-2023-50730 | graphql/grackle GraphQL Query stack-based overflow