The host is installed with Apple Safari before 12.1 and is prone to a cross-origin vulnerability. A flaw is present in the application, which fails to properly handle an issue in fetch API. Successful exploitation of a maliciously crafted web content may disclose sensitive user information.