icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

OmniWeb Browser Cross-Domain Dialog Box Spoofing

Low

Synopsis

The remote host is vulnerable to a Cross-Site Scripting (XSS) attack.

Description

The remote host is using Omniweb, an alternative web browser for the MacOS platform. There is a cross-domain dialog box spoofing vulnerability affecting the remote version of this software. An attacker may exploit this flaw to trick a user into downloading a file from a third party site.

Solution

Upgrade or patch according to vendor recommendations.