CVE-2020-3884

MEDIUM | Platform: macOS | Changelog

CVE Details

Description

An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution.

CVSS 3.1 Score

Metric	Value
Base Score	6.1 (MEDIUM)
Vector	`CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N`

Weakness

CWE-20
CWE-74

References

Apple Security Advisory
NVD Entry
https://support.apple.com/HT211100 (Release Notes, Vendor Advisory)