Apple Reportedly Patches XSS Vulnerability on iCloud's Website - MacRumors
Skip to Content

Apple Reportedly Patches XSS Vulnerability on iCloud's Website

by

In a blog post shared by ZDNet, security researcher Vishal Bharad claims that he found a bug that would have allowed a hacker to inject a virus or malicious script onto Apple's ‌iCloud‌ website.

24330f3b719ded3a3092a6ff695d8a34

According to Bharad, the vulnerability consisted of creating a Pages or Keynote document on the ‌iCloud‌ website with the name field containing the XSS payload. Sharing the document with another user, creating a change, saving, and then clicking "Browse All Versions" under Settings would have triggered the XSS payload.

Given the vulnerability revolved around the ‌iCloud‌ website, it's not linked to a recent software update and has reportedly been patched by Apple server-side. Bharad says he submitted the issue to Apple on August 7, 2020, and received a $5,000 bounty on October 9, 2020. We've reached out to Apple for comment and we'll update if we hear back.

Tags: iCloud, Security
Related Forum: Apple Music, Apple Pay/Card, iCloud, Fitness+

Popular Stories

iOS 26

iOS 26.4.1 Includes These Two Changes for iPhones

Wednesday April 8, 2026 7:17 pm PDT by
Apple has released a minor iOS 26.4.1 update for the iPhone 11 and newer. While the release notes for the update only mention unspecified "bug fixes," we have since learned about two specific changes that are included in it. First, 9to5Mac spotted an Apple Developer Forums thread suggesting that iOS 26.4.1 fixes an iOS 26.4 bug that affected iCloud syncing in some apps. Second, an...
Read Full Article43 comments
macOS 27 on MacBook Pro

macOS 27 Will Mark the End of an Era

Saturday April 18, 2026 6:45 am PDT by
During its Platforms State of the Union segment at WWDC 2025, Apple revealed that macOS 26 Tahoe is the final major macOS version for Intel-based Macs. The upcoming macOS 27 release will be compatible with Apple silicon Macs only, meaning that you will need a Mac with an M-series chip or a MacBook Neo with an A18 Pro chip in order to install the software update. macOS 27 should be available...
Read Full Article283 comments
Aston Martin CarPlay Ultra Screen

Apple Says CarPlay Ultra is Coming to These Vehicle Brands

Saturday April 18, 2026 5:59 am PDT by
Last year, Apple launched CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. Nearly a year later, CarPlay Ultra is still limited to Aston Martin's latest luxury vehicles, but that should change fairly soon. In May 2025, Apple said many other vehicle brands planned to offer CarPlay Ultra, including Hyundai, Kia, and Genesis. CarPlay Ultra...
Read Full Article25 comments

Top Rated Comments

Razorpit Avatar
Razorpit
67 months ago
Good thing no one ever shares a Pages or Keynote document on iCloud. Could have been catastrophic! 😉
Score: 8 Votes (Like | Disagree)
L
locovaca
67 months ago

I joke about their usage in the real world, but I use Pages and Numbers regularly. It just feels like I'm the only one.
I use them exclusively. They work fine for local content creation and I just export to doc/excel when I need to share.
Score: 5 Votes (Like | Disagree)
W
wfulle
67 months ago

Good thing no one ever shares a Pages or Keynote document on iCloud. Could have been catastrophic! 😉
Maybe it would of been fixed faster if Apple made pages a real competitor to Docs and Word
Score: 4 Votes (Like | Disagree)
Razorpit Avatar
Razorpit
67 months ago

Maybe it would of been fixed faster if Apple made pages a real competitor to Docs and Word
I joke about their usage in the real world, but I use Pages and Numbers regularly. It just feels like I'm the only one.
Score: 3 Votes (Like | Disagree)
S
sdz
67 months ago

Good thing no one ever shares a Pages or Keynote document on iCloud. Could have been catastrophic! 😉
Fantastically analyzed.
Score: 2 Votes (Like | Disagree)
N
neliason
67 months ago
I forgot Apple even had a web based interface for Pages etc. I wonder how many people use it? How much does Apple spend maintaining this?

I actually love Pages and Numbers, but I only use them via the apps.
Score: 1 Votes (Like | Disagree)
Read All Comments