Back

CVE-2024-40857

Sept. 17, 2024, 12:15 a.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

iOS

  • 18

iPadOS

  • 18

watchOS

  • 11

tvOS

  • 18

Safari

  • 18

MacOS

  • Sequoia 15

Source

product-security@apple.com

Tags

product-security@apple.com
2024-09-17
CVE-2024-40857

CVE-2024-40857 details

Published : Sept. 17, 2024, 12:15 a.m.
Last Modified : Sept. 17, 2024, 12:15 a.m.

Description

This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to universal cross site scripting.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://support.apple.com/en-us/121238 product-security@apple.com
https://support.apple.com/en-us/121240 product-security@apple.com
https://support.apple.com/en-us/121241 product-security@apple.com
https://support.apple.com/en-us/121248 product-security@apple.com
https://support.apple.com/en-us/121249 product-security@apple.com
https://support.apple.com/en-us/121250 product-security@apple.com
This website uses the NVD API, but is not approved or certified by it.