CVE-2021-1825
Description
An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack.
Risk Information
Base Score: 6.1 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score (Exploitation Probability): 0.437
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-1857,CVE-2021-1811,CVE-2021-1825,CVE-2020-7463 are fixed in iCloud 12.3 | Windows |
| Vulnerabilities CVE-2021-1857,CVE-2021-1811,CVE-2021-1825,CVE-2020-7463 are fixed in Apple iTunes (X64) (12.11.3.17) | Windows |
| Vulnerabilities CVE-2021-1857,CVE-2021-1811,CVE-2021-1825,CVE-2020-7463 are fixed in Apple iTunes (12.11.3.17) | Windows |
| Vulnerabilities CVE-2021-1811,CVE-2021-1825,CVE-2021-1857 are affected in iCloud 12.0-windows | Windows |
| Vulnerabilities CVE-2020-7463,CVE-2021-1811,CVE-2021-1825,CVE-2021-1857 are affected in Apple iTunes (X64) 12.11.2 | Windows |
| Vulnerabilities CVE-2020-7463,CVE-2021-1811,CVE-2021-1825,CVE-2021-1857 are affected in Apple iTunes 12.11.2 | Windows |
| Multiple vulnerabilities are fixed in MacOS Big Sur 11.3 - Software Update | Mac |
| Multiple vulnerabilities are fixed in MacOS Big Sur 11.3.1 - Software Update | Mac |
| Vulnerabilities CVE-2021-1811,CVE-2021-1825,CVE-2021-1857 are affected in Apple iTunes For Mac 12.11 | Mac |
| Vulnerabilities CVE-2021-1825,CVE-2021-30661 are affected in Apple Safari for MAC 14.0.3 | Mac |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-debuginfo-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-debuginfo-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk3-lang-2.34.3-2.82.1.noarch.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2-4_0-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-debuginfo-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk3-debugsource-2.34.3-2.82.1.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gjs-1.56.2-5.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gjs-1.56.2-5.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtk2-2.24.32-5.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtk2-2.24.32-5.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) atkmm-2.24.2-7.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) atkmm-2.24.2-7.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gamin-0.1.10-32.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gamin-0.1.10-32.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) woff2-1.0.2-5.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) woff2-1.0.2-5.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) cairomm-1.12.0-8.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) cairomm-1.12.0-8.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtkmm24-2.24.5-6.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtkmm24-2.24.5-6.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtkmm30-3.22.2-3.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtkmm30-3.22.2-3.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) pangomm-2.40.1-6.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) pangomm-2.40.1-6.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) enchant2-2.2.3-3.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) enchant2-2.2.3-3.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) geoclue2-2.5.5-2.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) geoclue2-2.5.5-2.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) glibmm24-2.56.0-2.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) glibmm24-2.56.0-2.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-afc-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-afp-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-goa-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-mtp-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-smb-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) nautilus-3.28.1-15.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-fuse-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) libdazzle-3.28.5-2.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) libdazzle-3.28.5-2.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) libvisual-0.4.0-25.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) libvisual-0.4.0-25.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtk2-devel-2.24.32-5.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtk2-devel-2.24.32-5.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-devel-1.36.2-11.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-devel-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) libepubgen-0.1.0-3.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) libepubgen-0.1.0-3.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) soundtouch-2.0.0-3.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) soundtouch-2.0.0-3.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) dleyna-core-0.6.0-3.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) dleyna-core-0.6.0-3.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gnome-boxes-3.36.5-8.el8.rocky.0.1.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-client-1.36.2-11.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-client-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) libsigc++20-2.10.0-6.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) libsigc++20-2.10.0-6.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) OpenEXR-libs-2.2.0-12.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) OpenEXR-libs-2.2.0-12.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) geocode-glib-3.26.0-3.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) geocode-glib-3.26.0-3.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gnome-photos-3.28.1-4.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-archive-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gvfs-gphoto2-1.36.2-11.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) dleyna-server-0.6.0-3.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) geoclue2-libs-2.5.5-2.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) geoclue2-libs-2.5.5-2.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) geoclue2-demos-2.5.5-2.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gnome-terminal-3.28.3-3.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtk2-immodules-2.24.32-5.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtk2-immodules-2.24.32-5.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtk2-devel-docs-2.24.32-5.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtk2-immodule-xim-2.24.32-5.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gtk2-immodule-xim-2.24.32-5.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) chrome-gnome-shell-10.1-7.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) geocode-glib-devel-3.26.0-3.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) geocode-glib-devel-3.26.0-3.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gnome-photos-tests-3.28.1-4.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) nautilus-extensions-3.28.1-15.el8.i686.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) nautilus-extensions-3.28.1-15.el8.x86_64.rpm | Linux |
| GNOME security, bug fix, and enhancement update (RLSA-2021:1586) gnome-terminal-nautilus-3.28.3-3.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update pangomm-2.40.1-6.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update pangomm-2.40.1-6.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update libepubgen-0.1.0-3.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update libepubgen-0.1.0-3.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update woff2-1.0.2-5.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update woff2-1.0.2-5.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update libsigc++20-2.10.0-6.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update libsigc++20-2.10.0-6.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update libvisual-0.4.0-25.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update libvisual-0.4.0-25.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update enchant2-2.2.3-3.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update enchant2-2.2.3-3.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update geoclue2-2.5.5-2.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update geoclue2-2.5.5-2.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update geoclue2-demos-2.5.5-2.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update geoclue2-libs-2.5.5-2.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update geoclue2-libs-2.5.5-2.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update geocode-glib-3.26.0-3.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update geocode-glib-3.26.0-3.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update geocode-glib-devel-3.26.0-3.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update geocode-glib-devel-3.26.0-3.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update OpenEXR-libs-2.2.0-12.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update OpenEXR-libs-2.2.0-12.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update atkmm-2.24.2-7.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update atkmm-2.24.2-7.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update cairomm-1.12.0-8.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update cairomm-1.12.0-8.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update dleyna-core-0.6.0-3.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update dleyna-core-0.6.0-3.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update dleyna-server-0.6.0-3.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update soundtouch-2.0.0-3.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update soundtouch-2.0.0-3.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update glibmm24-2.56.0-2.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update glibmm24-2.56.0-2.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gnome-boxes-3.36.5-8.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gnome-photos-3.28.1-4.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gnome-photos-tests-3.28.1-4.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtk2-2.24.32-5.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtk2-2.24.32-5.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtk2-devel-2.24.32-5.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtk2-devel-2.24.32-5.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtk2-devel-docs-2.24.32-5.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtk2-immodule-xim-2.24.32-5.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtk2-immodule-xim-2.24.32-5.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtk2-immodules-2.24.32-5.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtk2-immodules-2.24.32-5.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtkmm24-2.24.5-6.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtkmm24-2.24.5-6.el8.x86_64.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtkmm30-3.22.2-3.el8.i686.rpm | Linux |
| Moderate: GNOME security, bug fix, and enhancement update gtkmm30-3.22.2-3.el8.x86_64.rpm | Linux |
Patch Details
Patches provided by ManageEngine for this CVE:
| Patch ID | Patch Description |
|---|---|
| PATCH-316162 | iCloud (7.21.0.23) (Deployment-Only) |
| PATCH-319277 | Apple iTunes (X64) (12.11.3.17) |
| PATCH-319276 | Apple iTunes (12.11.3.17) |
| PATCH-605752 | MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064) |
| PATCH-611604 | Apple Safari for MAC (MacOS Sonoma) (18.6) |