CVE-2022-32891
MEDIUMSafari < 16.0 - UI Spoofing via Malicious Framed Content
Title source: llmDescription
The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing.
References (5)
Core 5
Core References
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202305-32
Vendor Advisory
https://support.apple.com/en-us/HT213442
Vendor Advisory
https://support.apple.com/en-us/HT213446
Vendor Advisory
https://support.apple.com/en-us/HT213486
Vendor Advisory
https://support.apple.com/en-us/HT213487
Scores
CVSS v3
6.1
EPSS
0.0070
EPSS Percentile
48.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1021
Status
published
Products (4)
apple/iphone_os
< 16.0
apple/safari
< 16.0
apple/tvos
< 16.0
apple/watchos
< 9.0
Published
Feb 27, 2023
Tracked Since
Feb 18, 2026