CVE-2024-44309
Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability
CVSS
—
No CVSS
EPSS
22.7%
p97
KEV
YES
Nov 21, 2024
Exploit Today
79
0-100
Published: — · Last modified: —
Product
Apple / Multiple Products
Vulnerability
Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability
Added to KEV
Nov 21, 2024
Remediate by
Dec 12, 2024
Known ransomware use
No
Summary description
Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to a cross-site scripting (XSS) attack.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://support.apple.com/en-us/121752, https://support.apple.com/en-us/121753, https://support.apple.com/en-us/121754, https://support.apple.com/en-us/121755, https://support.apple.com/en-us/121756 ; https://nvd.nist.gov/vuln/detail/CVE-2024-44309