CVE-2013-1013

MEDIUM

Description

XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via unspecified vectors.

References

http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html

http://support.apple.com/kb/HT5785

Details

Source: MITRE

Published: 2013-06-05

Updated: 2013-06-05

Type: CWE-20

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM