CVE-2023-40451
First published: Tue Sep 26 2023(Updated: )
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code.
Credit: product-security@apple.com product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| <17 | 17 | |
| Apple Safari | <17.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for this issue in WebKit?
The vulnerability ID for this issue in WebKit is CVE-2023-40451.
How was this issue addressed?
This issue was addressed with improved iframe sandbox enforcement.
Which software is affected by this vulnerability?
The Apple Safari browser version up to but excluding 17 is affected by this vulnerability.
How can I fix this vulnerability?
To fix this vulnerability, update your Apple Safari browser to version 17 or newer.
Where can I find more information about this vulnerability?
More information about this vulnerability can be found on Apple's support page: https://support.apple.com/en-us/HT213941
- collector/nvd-index
- agent/author
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/nvd-api
- source/NVD
- vendor/apple
- canonical/apple safari