writeups.xyz / Write Up – Apple N/A: PII Information, Full Contact List, Main Phone No. And Main Icloud Email Extracted; Bug Patched: Arbitrary Local File Read Via Zip File And Symlinks On Ios Files App.

Submitter : c2a

Date: 17 November 2021

Bounty : undisclosed

Vulnerabilities :

• Arbitrary File Read

Programs :

• Apple

Authors :

• Omar Espino (@Omespino)

Link :
https://omespino.com/write-up-apple-bug-bounty-n-a-arbitrary-local-file-read-via-zip-file-and-symlinks-usd/