Technical
Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

...
...

Vulnerability

Safari reader same origin policy (SOP) bypass

Vulnerability Description

An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy

CVE-ID

CVE-2020-9911

Vendor

Apple

Product

  • Safari for macOS before 13.1.2
  • iOS and iPadOS before 13.6

Disclosure Timeline

  1. 19 April 2020 reported to the vendor
  2. 15 July 2020 fixed released by the vendor

Credits

Nikhil Mittal