Back to search
CVE-2020-3867
Published: Feb 27, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.
| Vendor | Product | Versions |
|---|---|---|
Apple | iOS | affected unspecified - < iOS 13.3.1 and iPadOS 13.3.1 |
Apple | tvOS | affected unspecified - < tvOS 13.3.1 |
Apple | Safari | affected unspecified - < Safari 13.0.5 |
Apple | iTunes for Windows | affected unspecified - < iTunes for Windows 12.10.4 |
Apple | iCloud for Windows | affected unspecified - < iCloud for Windows 11.0 |
Apple | iCloud for Windows (Legacy) | affected unspecified - < iCloud for Windows 7.17 |
References
https://support.apple.com/HT210947
x_refsource_MISC
https://support.apple.com/HT210948
x_refsource_MISC
openSUSE-SU-2020:0278
vendor-advisory
x_refsource_SUSE
GLSA-202003-22
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now