The host is installed with Apple Safari before 4.0 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly convert invalid byte sequences to Unicode. Successful exploitation could allow attackers to bypass filters on websites that attempt to mitigate cross-site scripting.