WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle the Attr.style accessor, which allows remote attackers to bypass the Same Origin Policy and inject Cascading Style Sheets (CSS) token sequences via a crafted web site.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apple
Published: 2011-03-11T22:00:00
Updated: 2017-08-16T14:57:01
Reserved: 2010-12-23T00:00:00
Link: CVE-2011-0161
JSON object: View
NVD Information
Status : Modified
Published: 2011-03-11T22:55:02.947
Modified: 2017-08-17T01:33:24.617
Link: CVE-2011-0161
JSON object: View
Redhat Information
No data.