Apple watchOS
Moderate fix1 remedy
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*
Moderate fix1 remedy
Apple WebKit Universal Cross-Site Scripting Vulnerability
Vulnerability
Patched
A vulnerability in the WebKit component of various Apple operating systems, including macOS Sequoia 15, watchOS 11, iOS 18, iPadOS 18, and tvOS 18, allows for universal cross-site scripting. This issue arises from improper handling of custom URL schemes, which can be exploited by maliciously crafted web content, potentially leading to cross-origin data exfiltration or user interface spoofing.
Impact
Exploitation of this vulnerability could result in universal cross-site scripting, allowing an attacker to execute scripts in the context of the user's browser.
Remediation
Users can update to the latest versions of macOS, watchOS, iOS, iPadOS, and tvOS to address this vulnerability.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
9.0impact
0.6exploitability
4.4remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.