The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Iphone_os |
Apple |
* |
8.4.1 |
References