WebKit Web Inspector Page Privilege Cross Domain Scripting Vulnerability

WebKit Web Inspector Page Privilege Cross Domain Scripting Vulnerability

WebKit is prone to a cross-domain scripting vulnerability.

An attacker may leverage this issue to bypass the same-origin policy to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it.