← Back to Advisories
Apple Music Arbitrary JavaScript Execution
MEDIUM CVE-2024-23829

Dominik Penner @zer0pwn
DESCRIPTION
A vulnerability in Apple Music for Windows allows arbitrary JavaScript execution through maliciously crafted content.
DETAILS
The Apple Music application for Windows is vulnerable to arbitrary JavaScript execution through the manipulation of content displayed in the application. This could allow an attacker to execute arbitrary code in the context of the application.
AFFECTING
- Apple Music • TBD for Windows