CVE-2019-8754

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/10/2020
Last modified:
29/10/2020

Description

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A malicious HTML document may be able to render iframes with sensitive user information.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* 10.15.1 (excluding)


References to Advisories, Solutions, and Tools