The host is installed with Apple Safari before 12.0 and is prone to a cross-site-scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in URL validation. Successful exploitation allows attackers to execute scripts in the context of another website.