CVE-2008-1011

Apple Safari - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via a frame that calls a method instance in another frame.

References (11)

Scores

EPSS 0.0216
EPSS Percentile 84.1%

Classification

CWE
CWE-79
Status draft

Affected Products (16)

apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
apple/safari
... and 1 more

Timeline

Published Mar 19, 2008
Tracked Since Feb 18, 2026