The host is installed with Apple iTunes before 12.9.4 or Apple iCloud before 7.11 and is prone to an universal XSS vulnerability. A flaw is present in the applications, which fail to properly handle crafted web content. Successful exploitation could allow attackers to execute arbitrary code.