Cross-Origin audio data exfiltration vulnerability in WebKit in Apple Mac OS or Safari - CVE-2024-23254ID: oval:org.secpod.oval:def:98340 | Date: (C)2024-03-08 (M)2024-06-03 |
Class: VULNERABILITY | Family: macos |
The host is installed with Apple Mac OS 14 before 14.4 or Apple Safari before 17.4 on Apple Mac OS 12, or Apple Mac OS 13 and is prone to a cross-Origin audio data exfiltration vulnerability. A flaw is present in the application, which fails to properly handle issues in improved UI handling. On successful exploitation, a malicious website may exfiltrate audio data cross-origin.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS 12 |