FTP URL userinfo Field Handling Vulnerability in WebKit

FTP URL userinfo Field Handling Vulnerability in WebKit

CVE-2015-1126 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors.

Learn more about our Cis Benchmark Audit For Apple Ios.