Arbitrary JavaScript Code Execution via Safari Extension URL in Apple Safari

Arbitrary JavaScript Code Execution via Safari Extension URL in Apple Safari

CVE-2011-3229 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL.

Learn more about our Cis Benchmark Audit For Safari Browser.