CVE-2013-5129

Multiple cross-site scripting (XSS) vulnerabilities in WebKit in Apple iOS before 7 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.

🔗 References (10)

• product-security@applehttp://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html
• product-security@applehttp://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
• product-security@applehttp://secunia.com/advisories/54886
• product-security@applehttp://support.apple.com/kb/HT5934
• product-security@applehttp://www.securitytracker.com/id/1029054
• af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html
• af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/54886
• af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT5934
• af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1029054