Launchpad.net

CVE 2019-8764

A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting.

See the CVE page on Mitre.org for more details.

References