Back to search
CVE-2005-0341
Published: Feb 10, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1013087
vdb-entry
x_refsource_SECTRACK
20050204 Input Validation Vulnerability in Apple Safari version 1.2.4 v125.12
mailing-list
x_refsource_BUGTRAQ
http://tigger.uic.edu/~jrockw2/safari_20050204.txt
x_refsource_MISC
safari-contenttype-xss(19227)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now