XSS bug stored in Apple iCloud domain disclosed by bug bounty hunter


Bug bounty hunter and penetration tester Vishal Bharad has discovered a stored cross-site scripting (XSS) vulnerability in the iCloud domain, which was patched by Apple.

The security flaw is a stored XSS issue. Stored XSS vulnerabilities, also known as persistent XSS, can be used to store payloads on a target server, inject malicious scripts into websites, and potentially steal cookies, session tokens, and browser data.

Bharad stated that the XSS flaw was found in the Pages/Keynote features of Apple’s iCloud domain.

To trigger the bug, an attacker has to create new Pages or Keynote content with an XSS payload submitted into the name field. 

This content then has to be saved and sent or shared with another user. The attacker then has to make a change or two to the malicious content, save it again, and then visit “Settings” and “Browse All Versions.” The XSS payload would trigger after clicking on this option.
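The bug class described above arises when a stored field (here, a document name) is written into a secondary view without output encoding. As an added example, not code from Apple or from the original report, the sketch below renders a hypothetical version-history list with and without encoding; the function names and sample records are constructed for illustration.

```javascript
// Added illustration; not Apple's code. All names here are hypothetical.

// Constructed sample: version records as a backend might return them.
// The document name is controlled by whoever created and shared the file.
const sampleVersions = [
  { name: 'Q3 plan', savedAt: '2020-08-01T10:00:00Z' },
  { name: '<script>alert(1)</script>', savedAt: '2020-08-01T10:05:00Z' },
  { name: '"><img src=x onerror=alert(1)>', savedAt: '2020-08-01T10:07:00Z' },
];

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable pattern: the stored name is concatenated into markup unchanged.
function renderVersionsUnsafe(versions) {
  return '<ul>' + versions.map((v) =>
    `<li title="${v.name}">${v.name} (${v.savedAt})</li>`).join('') + '</ul>';
}

// Hardened pattern: every stored field is encoded at the point of output,
// in every view that shows it, not only in the main editor.
function renderVersionsSafe(versions) {
  return '<ul>' + versions.map((v) =>
    `<li title="${escapeHtml(v.name)}">${escapeHtml(v.name)} (${escapeHtml(v.savedAt)})</li>`
  ).join('') + '</ul>';
}

// Regression check: list tags in the output that are not part of the template.
// A safe renderer must emit only <ul>, <li ...> and their closing tags.
function unexpectedTags(html) {
  const tags = html.match(/<\/?[a-zA-Z][^>]*>/g) || [];
  return tags.filter((t) => !/^<\/?(ul|li)(\s|>)/.test(t));
}

console.log('unsafe:', unexpectedTags(renderVersionsUnsafe(sampleVersions)));
console.log('safe:  ', unexpectedTags(renderVersionsSafe(sampleVersions)));
```

A check like `unexpectedTags` can run in a test suite against each view that displays user-supplied names, so a rarely used screen does not miss the encoding step.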

The bug bounty hunter also provided a Proof-of-Concept (PoC) video to demonstrate the vulnerability.

The bug was disclosed to Apple on August 7, 2020. The report was accepted and Bharad received a reward of $5000 for his efforts.


Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News
