CVE-2020-3902: CVE-2020-3902

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-3902

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Apple产品WebKit组件跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

WebKit for Apple是美国苹果（Apple）公司的一款用于高效稳定的开源浏览器引擎。多款Apple产品中的WebKit组件存在跨站脚本漏洞。攻击者可借助恶意制作的Web内容利用该漏洞实施跨站脚本攻击。以下产品及版本受到影响：基于Windows平台的Apple iCloud 7.18之前版本，10.9.3之前版本；基于Windows平台的iTunes 12.10.5之前版本；iOS 13.4之前版本；iPadOS 13.4之前版本；Safari 13.1之前版本；tvOS 13.4之前版本。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Apple	iOS	unspecified ~ iOS 13.4 and iPadOS 13.4	-
Apple	tvOS	unspecified ~ tvOS 13.4	-
Apple	Safari	unspecified ~ Safari 13.1	-
Apple	iTunes for Windows	unspecified ~ iTunes for Windows 12.10.5	-
Apple	iCloud for Windows	unspecified ~ iCloud for Windows 10.9.3	-
Apple	iCloud for Windows (Legacy)	unspecified ~ iCloud for Windows 7.18	-

II. Public POCs for CVE-2020-3902

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-3902

Please Login to view more intelligence information

https://support.apple.com/HT211107x_refsource_MISC
https://support.apple.com/HT211102x_refsource_MISC
https://support.apple.com/HT211101x_refsource_MISC
https://support.apple.com/HT211105x_refsource_MISC
https://support.apple.com/HT211104x_refsource_MISC
https://support.apple.com/HT211106x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-3902

New Vulnerabilities

Product: iOS

Vendor: Apple

V. Comments for CVE-2020-3902

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2020-3902

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-3902

III. Intelligence Information for CVE-2020-3902

New Vulnerabilities

V. Comments for CVE-2020-3902

Leave a comment