The discovered vulnerability in Apple's proprietary browser Safari 15 can reveal information about the last sites visited by users and some data about the Google account. Finding data was published on the FingerprintJS portal blog.
The vulnerability is based on the IndexedDB browser API, which is designed to store large amounts of data. Using this exploit, the site can see the user's browser history and access personal data thanks to the user's Google ID, which is used to make API requests to Google services.
The results of the FingerprintJS study show that more than 30 sites are affected by this vulnerability. The authors do not exclude that this number may be much higher than stated.
FingerprintJS noted that they reported the discovered exploit to Apple on November 28, but it has not yet been fixed.