Vulnerability
Safari reader same origin policy (SOP) bypass
Vulnerability Description
An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy
CVE-ID
CVE-2020-9911
Vendor
Apple
Product
- Safari for macOS before 13.1.2
- iOS and iPadOS before 13.6
Disclosure Timeline
- 19 April 2020 reported to the vendor
- 15 July 2020 fixed released by the vendor
Credits
Nikhil Mittal