Stored XSS Vulnerability on iCloud.com Earned Researcher $5,000
The flaw was present in the iCloud-hosted versions of Apple’s Pages and Keynote software. Exploitation involved creating a new document or presentation and entering an XSS payload into its name field.