Safari exploit

The exploit is caused by a violation of the same-origin policy in WebKit's implementation of the IndexedDB API, and also affects all browsers on iOS/iPadOS 15.

Apple patches nine security flaws with the latest patch for Safari.

The Keen Team demonstrates two mobile Safari vulnerabilities, which grant access to Facebook credentials and photos stored on an iPhone 5 running iOS 7.0.3 or iOS 6.1.4.