The host is installed with Apple iCloud before 7.21 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation could lead to a cross site scripting attack while processing maliciously crafted web content.