CVE-2005-0341
Summary
Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks.
- MEDIUM
- NETWORK
- NONE
- PARTIAL
- NONE
- NONE
References
Advisory Timeline
- Published