A new cross-site scripting (XSS) vulnerability in Safari that exploits the browser’s TypeError exception handling mechanism to execute arbitrary JavaScript code. The flaw, discovered during Gareth Heyes research into payload concealment techniques, demonstrates how Safari’s improper handling of quote escaping in TypeError messages can be weaponized for malicious code execution. This vulnerability represents a significant […]
The post New Safari XSS Flaw Leverages JavaScript Error Handling to Execute Arbitrary Code appeared first on Cyber Security News.
This article has been indexed from Cyber Security News