Flaw in Apple’s Safari browser
Safari, the world’s fourth most popular browser, contains a universal cross-site scripting bug that could be exploited to steal cookies, passwords or files, perform cross-site request forgeries (CSRF) or install viruses via malicious Javascript.