Apple macOS Catalina 10.15.3 Improper Neutralization of Special Elements in Output Used by a Downstream Component Vulnerability

Summary

A remote attacker may be able to cause arbitrary javascript code execution

Credit:

The information has been provided by Vendor

The original article can be found at https://support.apple.com/HT211100


Details

An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution.

Vulnerable Systems:

macOS High Sierra 10.13.6,

macOS Catalina 10.15.3

    CVE Information:

    CVE-2020-3884

    Disclosure Timeline:
    Published Date:04/08/2020

    Categories: FeaturedNews