Primary

Context

Apple WebKit Universal Cross-Site Scripting Vulnerability

Vulnerability

Patched

A vulnerability in the WebKit component of Apple software that allows for universal cross-site scripting, which could be exploited by processing maliciously crafted web content. This issue is present in multiple Apple operating systems, including macOS Sequoia 15.6, iOS 18.6, iPadOS 18.6, tvOS 18.6, watchOS 11.6, and visionOS 2.6.

Impact

Exploitation of this vulnerability could lead to universal cross-site scripting, allowing an attacker to inject malicious scripts that could be executed in the context of the user's browser.

Remediation

Users can update to the latest versions of macOS, iOS, iPadOS, tvOS, watchOS, and visionOS to address this vulnerability.

Added: Jul 30, 2025, 2:00 AM

Updated: Jul 30, 2025, 2:00 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.3

exploitability

4.4

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.3

exploitability

4.4

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple WebKit Universal Cross-Site Scripting Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Sequoia

Apple iPadOS

Apple tvOS

Apple watchOS

Apple visionOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating