logo
Home/CVEs/CVE-2024-44309/

CVE-2024-44309 - Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability

Project:Apple

Product:Multiple Products

Date Added:2024-11-21Due Date:2024-12-12

Vulnerability Name

Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability

Description

Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to a cross-site scripting (XSS) attack.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.apple.com/en-us/121752, https://support.apple.com/en-us/121753, https://support.apple.com/en-us/121754, https://support.apple.com/en-us/121755, https://support.apple.com/en-us/121756

https://nvd.nist.gov/vuln/detail/CVE-2024-44309

Related News Articles

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)November 25, 2024