CVE-2008-1001

Apple Safari - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1, when running on Windows XP or Vista, allows remote attackers to inject arbitrary web script or HTML via a crafted URL that is not properly handled in the error page.

References (8)

Scores

EPSS 0.0040
EPSS Percentile 60.5%

Classification

CWE
CWE-79
Status draft

Affected Products (5)

apple/safari
apple/safari
apple/safari
apple/safari
apple/safari

Timeline

Published Mar 19, 2008
Tracked Since Feb 18, 2026