CVE-2024-44309 is a zero-day vulnerability addressed in Apple products, including Safari, iOS, iPadOS, macOS, and visionOS. Exploiting this flaw by processing maliciously crafted web content may lead to a cross-site scripting (XSS) attack. It has been actively exploited on Intel-based Mac systems. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1.
See more details on: