WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
http://www.securitytracker.com/id/1033274
http://www.securityfocus.com/bid/76344
http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html
https://support.apple.com/kb/HT205033
https://support.apple.com/kb/HT205030
http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html
http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html
Source: Mitre, NVD
Published: 2015-08-16
Updated: 2025-04-12
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Severity: Medium
Base Score: 8.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
Severity: High
EPSS: 0.00698