WebKit contains a flaw that is triggered when a canonicalization error occurs during the handling of URLs. This may allow a remote attacker to conduct cross-site scripting attacks against websites using the location.href property.
Remote / Network Access
Loss of Integrity
OSVDB is not currently aware of a solution for this vulnerability.
Upgrade to Apple Safari version 6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.