Vulnerability Details CVE-2011-3254
Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 48.0%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2011-3254
-
cpe:2.3:o:apple:iphone_os:4.2
-
cpe:2.3:o:apple:iphone_os:4.2.1
-
cpe:2.3:o:apple:iphone_os:4.2.5
-
cpe:2.3:o:apple:iphone_os:4.2.8
-
cpe:2.3:o:apple:iphone_os:4.2.9
-
cpe:2.3:o:apple:iphone_os:4.3.0
-
cpe:2.3:o:apple:iphone_os:4.3.1
-
cpe:2.3:o:apple:iphone_os:4.3.2
-
cpe:2.3:o:apple:iphone_os:4.3.3
-
cpe:2.3:o:apple:iphone_os:4.3.4
-
cpe:2.3:o:apple:iphone_os:4.3.5