Same Origin Policy Bypass in WebKit and Safari
CVE-2016-1785 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
Learn more about our Cis Benchmark Audit For Apple Ios.