CVE-2019-6228: XSS

Reference Links

• https://support.apple.com/en-us/HT209443 (Advisory)
• https://support.apple.com/en-us/HT209449 (Advisory)
• http://www.securityfocus.com/bid/106692
• https://support.apple.com/HT209443
• https://support.apple.com/HT209449

Parent vulnerabilities

(Appears in the following advisories)

• HT209449
• HT209443

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2019-6228
• CVE-2019-6215
• CVE-2019-6212
• CVE-2019-6216
• CVE-2019-6217
• CVE-2019-6226
• CVE-2019-6227
• CVE-2019-6233
• CVE-2019-6234
• CVE-2019-6229
• CVE-2019-8570
• CVE-2019-6235
• CVE-2019-6200
• CVE-2019-6202
• CVE-2019-6221
• CVE-2019-6231
• CVE-2019-6230
• CVE-2019-6224
• CVE-2019-6214
• CVE-2019-6225
• CVE-2019-6210
• CVE-2019-6205
• CVE-2019-6213
• CVE-2019-6209
• CVE-2019-6208
• CVE-2019-6206
• CVE-2019-6218
• CVE-2019-6219
• CVE-2018-20346
• CVE-2018-20505
• CVE-2018-20506
• CVE-2019-6211

Frequently Asked Questions

• What is CVE-2019-6228?

  CVE-2019-6228 is a cross-site scripting vulnerability in Safari that has been fixed in iOS 12.1.3 and Safari 12.0.3.

• How does CVE-2019-6228 affect me?

  If you are using an iOS version up to 12.1.3 or Safari version up to 12.0.3, processing maliciously crafted web content can lead to a cross-site scripting attack.

• How severe is CVE-2019-6228?

  CVE-2019-6228 has a severity rating of medium with a CVSS score of 6.1.

• What is the fix for CVE-2019-6228?

  To fix CVE-2019-6228, update your iOS device to version 12.1.3 or update Safari to version 12.0.3.

• Where can I find more information about CVE-2019-6228?

  You can find more information about CVE-2019-6228 at the following references: [http://www.securityfocus.com/bid/106692](http://www.securityfocus.com/bid/106692), [https://support.apple.com/HT209443](https://support.apple.com/HT209443), [https://support.apple.com/HT209449](https://support.apple.com/HT209449).