Sensitive Information Disclosure in Safari's Private Browsing Implementation

Sensitive Information Disclosure in Safari's Private Browsing Implementation

CVE-2015-1127 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.

Learn more about our Web App Pen Testing.