Apple Reportedly Patches XSS Vulnerability on iCloud's Website - MacRumors
Skip to Content

Apple Reportedly Patches XSS Vulnerability on iCloud's Website

by

In a blog post shared by ZDNet, security researcher Vishal Bharad claims that he found a bug that would have allowed a hacker to inject a virus or malicious script onto Apple's ‌iCloud‌ website.

24330f3b719ded3a3092a6ff695d8a34

According to Bharad, the vulnerability consisted of creating a Pages or Keynote document on the ‌iCloud‌ website with the name field containing the XSS payload. Sharing the document with another user, creating a change, saving, and then clicking "Browse All Versions" under Settings would have triggered the XSS payload.

Given the vulnerability revolved around the ‌iCloud‌ website, it's not linked to a recent software update and has reportedly been patched by Apple server-side. Bharad says he submitted the issue to Apple on August 7, 2020, and received a $5,000 bounty on October 9, 2020. We've reached out to Apple for comment and we'll update if we hear back.

Tags: iCloud, Security
Related Forum: Apple Music, Apple Pay/Card, iCloud, Fitness+

Popular Stories

Apple Event Logo

Apple to Launch These 15+ New Products Later This Year

Friday March 27, 2026 2:03 pm PDT by
March has been an incredibly busy month for Apple, with the company unveiling more than 10 new products and accessories. We said hello to the MacBook Neo at the start of the month, and we bid farewell to the Mac Pro at the end of it. Nevertheless, there is still a lot more to come this year. Beyond the usual annual updates to iPhones and Apple Watches, Apple's all-new smart home hub is...
Read Full Article62 comments
iOS 26

iOS 26.4 Adds Two New Features to CarPlay

Tuesday March 24, 2026 1:55 pm PDT by
iOS 26.4 was released today, and it includes a couple of new features for CarPlay: an Ambient Music widget and support for voice-based chatbot apps. To update your iPhone 11 or newer to iOS 26.4, open the Settings app and tap on General → Software Update. CarPlay will automatically offer the new features so long as the iPhone connected to your vehicle is running iOS 26.4 or later....
Read Full Article30 comments
Mac Pro Feature Teal

Apple Confirms Mac Pro Is Dead, No Future Models Planned

Thursday March 26, 2026 2:04 pm PDT by
Apple has discontinued the Mac Pro and has removed the machine from its website, reports 9to5Mac. Apple said it does not plan to design a new version of the Mac Pro, and no new model will be coming in the future. The Mac Pro was last updated in 2023, which was when Apple added an M2 Ultra Apple silicon chip, but the chassis has not been refreshed since 2019. Apple redesigned the Mac Pro to...
Read Full Article517 comments

Top Rated Comments

Razorpit Avatar
Razorpit
67 months ago
Good thing no one ever shares a Pages or Keynote document on iCloud. Could have been catastrophic! 😉
Score: 8 Votes (Like | Disagree)
L
locovaca
67 months ago

I joke about their usage in the real world, but I use Pages and Numbers regularly. It just feels like I'm the only one.
I use them exclusively. They work fine for local content creation and I just export to doc/excel when I need to share.
Score: 5 Votes (Like | Disagree)
W
wfulle
67 months ago

Good thing no one ever shares a Pages or Keynote document on iCloud. Could have been catastrophic! 😉
Maybe it would of been fixed faster if Apple made pages a real competitor to Docs and Word
Score: 4 Votes (Like | Disagree)
Razorpit Avatar
Razorpit
67 months ago

Maybe it would of been fixed faster if Apple made pages a real competitor to Docs and Word
I joke about their usage in the real world, but I use Pages and Numbers regularly. It just feels like I'm the only one.
Score: 3 Votes (Like | Disagree)
S
sdz
67 months ago

Good thing no one ever shares a Pages or Keynote document on iCloud. Could have been catastrophic! 😉
Fantastically analyzed.
Score: 2 Votes (Like | Disagree)
N
neliason
67 months ago
I forgot Apple even had a web based interface for Pages etc. I wonder how many people use it? How much does Apple spend maintaining this?

I actually love Pages and Numbers, but I only use them via the apps.
Score: 1 Votes (Like | Disagree)
Read All Comments