3h6

1 exploit Active since Aug 2021

CVE-2021-30862 NOMISEC MEDIUM WORKING POC

iTunes U < 3.8.3 - Remote Code Execution via Malicious URL Processing

A validation issue was addressed with improved input sanitization. This issue is fixed in iTunes U 3.8.3. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.

1 stars

CVSS 6.1

View Code