The host is installed with Apple Safari before 10.0.2 and is prone to an universal cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle safari reader feature. Successful exploitation could allow attackers to execute arbitrary code.