UNKNOWN Severity
CVE-2026-28871
Last updated Mar 27, 2026 · Published Mar 25, 2026
Description
A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.
Affected products
1 listed- Apple:Safari; Apple:iOS and iPadOS; Apple:macOS
Mappings
CWE
None listed.
CAPEC
None listed.
CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use. Terms