Vulnerabilities Leave iTunes, App Store Open to Script Injection

Researchers say iTunes and Apple’s App Store suffer from a persistent input validation and mail encoding web vulnerability. If exploited, it could allow an attacker to inject their own malicious script.
Threatpost | The first stop for security news