• info
• discussion
• exploit
• solution
• references

Apple Safari WebCore History Object Cross-Site Scripting Vulnerability

To launch an attack, an attacker must be able to control the content of a frame of a site visited by the victim.