Apple Recently reported working on a fix worm in safari Web browser, according to a report by 9To5Mac. The bug was reported by fingerprintjs.com and allows one to extract a user’s browsing history and even the Google ID stored there.
A security vulnerability was found in the implementation of IndexedDB, the JavaScript API used to store the data. With the help of this bug, cybercriminals can view recently accessed URLs and even get Google user ID, which exposes your personal information.
As FingerprintJS.com reports, IndexedDB follows the same origin policy that restricts how documents or scripts loaded from one origin can interact with resources from other origins. “In Safari On macOS 15, and in all browsers on iOS and iPadOS 15, the IndexedDB API is violating the same-origin policy. Every time a website interacts with a database, a new (empty) database with the same name is created in all other active frames, tabs and windows within the same browser session,” the report added.
“Based on webkit commit GitHub, Apple engineers are already working out a solution for safari bug who leaks user data,” 9To5Mac reported.
Although the date of the fix is not yet clear, Apple is expected to send a cure with the updated build of iOS 15 to a new version of the Safari browser (using the latest WebKit engine). MacOS MontereyAccording to a report by MacRumors.
,