CVE-2013-1013
XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via unspecified vectors.
Date published : 2013-06-05
http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html