Vulnerabilities > Apple > Webcore
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-08-03 | CVE-2007-2410 | Multiple Security vulnerability in Apple Mac OS X 2007-007 WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks. network apple | 4.3 |
| 2007-08-03 | CVE-2007-2409 | Multiple Security vulnerability in Apple Mac OS X 2007-007 Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window. network apple | 4.3 |
| 2007-01-25 | CVE-2007-0478 | Cross-Site Scripting vulnerability in Apple Safari and Webcore WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment. | 4.3 |