Skip to main content
← Back to Advisories

Apple Music Arbitrary JavaScript Execution

MEDIUM CVE-2024-23829
Dominik Penner's profile picture

Dominik Penner @zer0pwn

DESCRIPTION

A vulnerability in Apple Music for Windows allows arbitrary JavaScript execution through maliciously crafted content.

DETAILS

The Apple Music application for Windows is vulnerable to arbitrary JavaScript execution through the manipulation of content displayed in the application. This could allow an attacker to execute arbitrary code in the context of the application.

AFFECTING

  • Apple Music • TBD for Windows