The host is installed with Apple iTunes before 12.10.1 or Apple iCloud before 7.14 and is prone to a universal cross site scripting vulnerability. A flaw is present in the applications, which fail to properly handle a logic issue issue. Successful exploitation could allow attackers to execute cross-site scripts through maliciously crafted web content.