Security Advisory

CVE-2015-5828

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-10-09 01:00:00

Last updated 2024-08-06 06:59:04

Assigner apple

State PUBLISHED

Description

The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a crafted web site.

← Browse all CVEs View on cve.org ↗