The WebKit Storage flaw allowed hackers to execute arbitrary code on a user’s device without consent via maliciously crafted web content. This is a technique which enables malicious people to inject client-side scripts into web pages viewed by other users. This vulnerability let attackers craft malicious web content which could result in a cross-site scripting attack. In WebKit, Apple has addressed an input validation issue with improved input validation. There are three major vulnerabilities that Safari 14.1 patches, spanning WebKit, WebKit Storage, and WebKit RTC. The flaws are detailed in a support document on Apple's website. That's because the new Safari 14.1 patches WebKit vulnerabilities that permit bad actors to execute rogue code on your computer without user consent. WebKit is a layout engine used by Apple's own Safari browser and all third-party browsers on the iPhone and iPad. Safari 14.1 Fixes Three WebKit Vulnerabilities
If you have an older Mac running macOS Mojave or Catalina, you're recommended to download Safari 14.1 to strengthen your computer's security and protect your privacy.