An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL.