In a blog post shared by ZDNet, security researcher Vishal Bharad claims that he found a bug that would have allowed a hacker to inject a virus or malicious script onto Apple's iCloud website.
According to Bharad, the vulnerability consisted of creating a Pages or Keynote document on the iCloud website with the name field containing the XSS payload. Sharing the document with another user, creating a change, saving, and then clicking "Browse All Versions" under Settings would have triggered the XSS payload.
Given the vulnerability revolved around the iCloud website, it's not linked to a recent software update and has reportedly been patched by Apple server-side. Bharad says he submitted the issue to Apple on August 7, 2020, and received a $5,000 bounty on October 9, 2020. We've reached out to Apple for comment and we'll update if we hear back.
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for more than five more months, there are already plenty of rumors about the devices.
It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component...
Apple is looking for a "breakthrough" with its push into wearable AI devices, including an "AirTag-sized pendant," according to Bloomberg's Mark Gurman.
In a report, he said the pendant is reminiscent of the failed Humane AI Pin, but it would be an iPhone accessory rather than a standalone product.
The pendant would feature an "always-on" camera and a microphone for Siri voice commands,...
NASA has shared three incredible photos shot on the iPhone 17 Pro Max by astronauts during the Artemis II mission to the Moon.
Shot on iPhone 17 Pro Max (Wiseman)
In February, NASA announced that the iPhone had been fully qualified for extended use in orbit, with reports indicating that each of the four crew members aboard the Orion are equipped with an iPhone 17 Pro Max for personal photos...
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for more than five more months, there are already plenty of rumors about the devices.
It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component...
Apple is looking for a "breakthrough" with its push into wearable AI devices, including an "AirTag-sized pendant," according to Bloomberg's Mark Gurman.
In a report, he said the pendant is reminiscent of the failed Humane AI Pin, but it would be an iPhone accessory rather than a standalone product.
The pendant would feature an "always-on" camera and a microphone for Siri voice commands,...
NASA has shared three incredible photos shot on the iPhone 17 Pro Max by astronauts during the Artemis II mission to the Moon.
Shot on iPhone 17 Pro Max (Wiseman)
In February, NASA announced that the iPhone had been fully qualified for extended use in orbit, with reports indicating that each of the four crew members aboard the Orion are equipped with an iPhone 17 Pro Max for personal photos...
