Autofill Subframe Form Field Credential Discovery Vulnerability in Apple Safari

Autofill Subframe Form Field Credential Discovery Vulnerability in Apple Safari

CVE-2013-5227 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields.

Learn more about our Cis Benchmark Audit For Safari Browser.