The host is installed with Apple Mac OS X 10.14.6 or 10.13.6 and Safari before 13.0.1 and is prone to an insufficient policy enforcement vulnerability. A flaw is present in the application, which fails to properly handle iframe sandbox enforcement issue. Successful exploitation allows an attacker to violate iframe sandboxing policy.