CVE-2013-5131

Published: Sep 19, 2013Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Affected (48)

Products: Apple: Iphone Os

Apple

1 product

Iphone Os

Configuration A

48 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Up to 6.1.4
Apple Iphone Os	Version 1.0.0
Apple Iphone Os	Version 1.0.1
Apple Iphone Os	Version 1.0.2
Apple Iphone Os	Version 1.1.0
Apple Iphone Os	Version 1.1.1
Apple Iphone Os	Version 1.1.2
Apple Iphone Os	Version 1.1.3
Apple Iphone Os	Version 1.1.4
Apple Iphone Os	Version 1.1.5
Apple Iphone Os	Version 2.0.0
Apple Iphone Os	Version 2.0.1
Apple Iphone Os	Version 2.0.2
Apple Iphone Os	Version 2.0
Apple Iphone Os	Version 2.1.1
Apple Iphone Os	Version 2.1
Apple Iphone Os	Version 2.2.1
Apple Iphone Os	Version 2.2
Apple Iphone Os	Version 3.0.1
Apple Iphone Os	Version 3.0
Apple Iphone Os	Version 3.1.2
Apple Iphone Os	Version 3.1.3
Apple Iphone Os	Version 3.1
Apple Iphone Os	Version 3.2.1
Apple Iphone Os	Version 3.2.2
Apple Iphone Os	Version 3.2
Apple Iphone Os	Version 4.0.1
Apple Iphone Os	Version 4.0.2
Apple Iphone Os	Version 4.0
Apple Iphone Os	Version 4.1
Apple Iphone Os	Version 4.2.1
Apple Iphone Os	Version 4.2.5
Apple Iphone Os	Version 4.2.8
Apple Iphone Os	Version 4.3.0
Apple Iphone Os	Version 4.3.1
Apple Iphone Os	Version 4.3.2
Apple Iphone Os	Version 4.3.3
Apple Iphone Os	Version 4.3.5
Apple Iphone Os	Version 5.0.1
Apple Iphone Os	Version 5.0
Apple Iphone Os	Version 5.1.1
Apple Iphone Os	Version 5.1
Apple Iphone Os	Version 6.0.1
Apple Iphone Os	Version 6.0.2
Apple Iphone Os	Version 6.0
Apple Iphone Os	Version 6.1.2
Apple Iphone Os	Version 6.1.3
Apple Iphone Os	Version 6.1