Medium severity6.1NVD Advisory· Published Sep 17, 2024· Updated Apr 2, 2026
CVE-2024-40857
CVE-2024-40857
Description
This issue was addressed through improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may lead to universal cross site scripting.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <18.0
- (no CPE)range: <18
Patches
Vulnerability mechanics
References
10- support.apple.com/en-us/121238nvdRelease NotesVendor Advisory
- support.apple.com/en-us/121240nvdRelease NotesVendor Advisory
- support.apple.com/en-us/121241nvdRelease NotesVendor Advisory
- support.apple.com/en-us/121248nvdRelease NotesVendor Advisory
- support.apple.com/en-us/121249nvdRelease NotesVendor Advisory
- support.apple.com/en-us/121250nvdRelease NotesVendor Advisory
- seclists.org/fulldisclosure/2024/Sep/32nvd
- seclists.org/fulldisclosure/2024/Sep/33nvd
- seclists.org/fulldisclosure/2024/Sep/36nvd
- seclists.org/fulldisclosure/2024/Sep/37nvd
News mentions
0No linked articles in our index yet.