CVE-2016-4676
A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information.
Date published : 2020-02-03
https://lists.apple.com/archives/security-announce/2016/Oct/msg00002.html