AutoFill Information Disclosure Vulnerability in Apple Safari

CVE-2011-0217 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields.

Learn more about our Cis Benchmark Audit For Safari Browser.