CVE-2021-1879 - Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability

Vulnerability Name

Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability

Description

Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2021-1879

Related News Articles

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile CyberattackAugust 29, 2024

Russian APT29 hackers use iOS, Chrome exploits created by spyware vendorsAugust 29, 2024