Security Advisory

CVE-2011-3218

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2011-10-14 10:00:00

Last updated 2024-08-06 23:29:56

Assigner apple

State PUBLISHED

Description

The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document.

← Browse all CVEs View on cve.org ↗