Cross-Site Scripting (XSS) Vulnerability in macOS HelpViewer Component

CVE-2017-13819 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for quarantined HTML documents.

Learn more about our Cis Benchmark Audit For Apple Macos.