DescriptionWebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- openSUSE-SU-2016:0761-1, published Tue, 15 Mar 2016 13:12:09 +0100 (CET)
SUSE Timeline for this CVECVE page created: Mon Aug 17 03:15:29 2015
CVE page last modified: Fri Oct 7 12:47:09 2022