An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors.
https://support.apple.com/HT207617
https://support.apple.com/HT207600
https://security.gentoo.org/glsa/201706-15