Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2021-1879

Apple | iOS, iPadOS, and watchOSAdded 2021-11-03Remediation Deadline 2021-11-17

Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability

Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-79

References