Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks.
References
Configurations
History
No history.
Information
Published : 2005-05-02 04:00
Updated : 2023-12-10 10:28
NVD link : CVE-2005-0341
Mitre link : CVE-2005-0341
CVE.ORG link : CVE-2005-0341
JSON object : View
Products Affected
apple
- safari
CWE