CVE-2019-8658
Description
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
CWE
- (none)
Affected
- Apple / iOS — v=unspecified <iOS 12.4 [affected]
- Apple / macOS — v=unspecified <macOS Mojave 10.14.6 [affected]
- Apple / tvOS — v=unspecified <tvOS 12.4 [affected]
- Apple / watchOS — v=unspecified <watchOS 5.3 [affected]
- Apple / Safari — v=unspecified <Safari 12.1.2 [affected]
- Apple / iTunes for Windows — v=unspecified <iTunes for Windows 12.9.6 [affected]
- Apple / iCloud for Windows — v=unspecified <iCloud for Windows 7.13 [affected]
- Apple / iCloud for Windows (Microsoft Store) — v=unspecified <iCloud for Windows 10.6 [affected]
CVSS
- (none)
References
- https://support.apple.com/HT210353 x_refsource_MISC
- https://support.apple.com/HT210346 x_refsource_MISC
- https://support.apple.com/HT210348 x_refsource_MISC
- https://support.apple.com/HT210351 x_refsource_MISC
- https://support.apple.com/HT210355 x_refsource_MISC
- https://support.apple.com/HT210356 x_refsource_MISC
- https://support.apple.com/HT210357 x_refsource_MISC
- https://support.apple.com/HT210358 x_refsource_MISC
Source
cvelistV5-main/cves/2019/8xxx/CVE-2019-8658.json