Unrated severityNVD Advisory· Published Jun 14, 2007· Updated Jun 16, 2026
CVE-2007-2391
CVE-2007-2391
Description
Cross-site scripting (XSS) vulnerability in Apple Safari Beta 3.0.1 for Windows allows remote attackers to inject arbitrary web script or HTML via a web page that includes a windows.setTimeout function that is activated after the user has moved from the current page.
Affected products
2cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*
- (no CPE)range: = 3.0.1 Beta for Windows
Patches
Vulnerability mechanics
References
8- lists.apple.com/archives/security-announce/2007/Jun/msg00000.htmlnvdPatch
- osvdb.org/36605nvd
- securitytracker.com/idnvd
- www.securityfocus.com/archive/1/471255/100/0/threadednvd
- www.securityfocus.com/archive/1/471266/100/0/threadednvd
- www.securityfocus.com/bid/24457nvd
- www.vupen.com/english/advisories/2007/2192nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34847nvd
News mentions
0No linked articles in our index yet.