Details are included in this document for the 04/08/2015 path for Safari that addressed a cross-domain vulnerability.