The host is installed with Apple Safari before 12.0 and is prone to a CORS vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation allows attackers to execute arbitrary code.