VYPR

Safari Reader

by Apple Inc.

CVEs (3)

  • CVE-2017-2393MedApr 2, 2017
    risk 0.40cvss 6.1epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Safari Reader" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site.

  • CVE-2016-4618MedSep 25, 2016
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."

  • CVE-2016-7650MedFeb 20, 2017
    risk 0.31cvss 4.7epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "Safari Reader" component, which allows remote attackers to conduct UXSS attacks via a crafted web site.