Apple Safari Cross-Domain Browser Location Information Disclosure Vulnerability

Attackers use standard HTML design utilities and webserver applications to exploit this issue.

A proof-of-concept example by Gareth Heyes is available at the following location where a browser can be tested for this weakness.

Proof of Concept:

The JavaScript code for this example is available:


Privacy Statement
Copyright 2010, SecurityFocus