CVE-2021-1825

Name
CVE-2021-1825
Description
An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://support.apple.com/en-us/HT212321
MISC https://support.apple.com/en-us/HT212318
MISC https://support.apple.com/en-us/HT212319
MISC https://support.apple.com/en-us/HT212317
MISC https://support.apple.com/en-us/HT212325
MISC https://support.apple.com/en-us/HT212323
MISC https://support.apple.com/en-us/HT212324

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:* icloud >= None < 12.3
cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:* itunes >= None < 12.11.3
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* safari >= None < 14.1
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* ipados >= None < 14.5
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* iphone_os >= None < 14.5
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* macos >= 11.0 < 11.3
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* tvos >= None < 14.5
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* watchos >= None < 7.4

Vulnerable and fixed packages

Source package Branch Version Maintainer Status