Bypassing Content Security Policy with Video Control and IMG Element in WebKit
CVE-2015-3751 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element.
Learn more about our Cis Benchmark Audit For Apple Ios.