← Back

CVE-2023-40451

nvd nist
Published: Sep 27, 2023Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code.

Affected (1)

Products: Apple: Safari
Apple
1 product
Safari
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Safari
Before 17.0

References (9)

Source: product-security@apple.com
Mailing ListThird Party Advisory
Source: product-security@apple.com
Mailing List
Source: product-security@apple.com
Source: product-security@apple.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.