CSS Vulnerability: Information Disclosure via a:visited button Selector

CSS Vulnerability: Information Disclosure via a:visited button Selector

CVE-2016-1728 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site.

Learn more about our Cis Benchmark Audit For Apple Ios.