CVE-2024-44309
Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability
CVSS
—
Sin CVSS
EPSS
22.7%
p97
KEV
SÍ
21 nov 2024
Exploit Today
79
0-100
Publicado: — · Última mod.: —
Producto
Apple / Multiple Products
Vulnerabilidad
Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability
Añadido a KEV
21 nov 2024
Remediar antes de
12 dic 2024
Uso conocido en ransomware
No
Descripción resumida
Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to a cross-site scripting (XSS) attack.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://support.apple.com/en-us/121752, https://support.apple.com/en-us/121753, https://support.apple.com/en-us/121754, https://support.apple.com/en-us/121755, https://support.apple.com/en-us/121756 ; https://nvd.nist.gov/vuln/detail/CVE-2024-44309