Frans Rosén

Hacking CloudKit – How I accidentally deleted your Apple Shortcuts

CloudKit, the data storage framework by Apple, has various access controls. These access controls could be misconfigured, even by Apple themselves, which affected Apple’s own apps using CloudKit. This blog post explains in detail three bugs found in iCrowd+, Apple News and Apple Shortcuts with different criticality uncovered by Frans Rosen while hacking Cloudkit. All bugs were reported to and fixed by the Apple Security Bounty program.

XSS using quirky implementations of ACME http-01

Some hosting providers implemented http-01 having one part of the challenge key reflected in the response. This resulted in a huge amount of websites being vulnerable to XSS just because of their quirky implementation of the http-01 ACME-challenge.