First published: Tue Sep 26 2023(Updated: )
An attacker with JavaScript execution may be able to execute arbitrary code. This issue was addressed with improved iframe sandbox enforcement. Reference: <a href="https://webkitgtk.org/security/WSA-2023-0009.html#CVE-2023-40451">https://webkitgtk.org/security/WSA-2023-0009.html#CVE-2023-40451</a>
Credit: product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
<17 | 17 | |
Apple Safari | <17.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID for this issue in WebKit is CVE-2023-40451.
This issue was addressed with improved iframe sandbox enforcement.
The Apple Safari browser version up to but excluding 17 is affected by this vulnerability.
To fix this vulnerability, update your Apple Safari browser to version 17 or newer.
More information about this vulnerability can be found on Apple's support page: https://support.apple.com/en-us/HT213941