Details on Apple’s Shortcuts Vulnerability: A Deep Dive into CVE-2024-23204

ID: c079cf2f-8532-56d2-b7af-69b55e52b869

STIX ID: report--c079cf2f-8532-56d2-b7af-69b55e52b869

Feed Name: Bitdefender Labs

Threat Score: 70/100

Date Published: 2024-02-22

Date Updated: 2026-04-27

Author: Jubaer Alnazi JABIN

CVE-2024-23204 is a high-severity vulnerability in Apple Shortcuts with a CVSS score of 7.5. A maliciously crafted shortcut using the 'Expand URL' action could bypass Transparency, Consent, and Control (TCC) prompts and exfiltrate sensitive data (photos, contacts, files, clipboard) by base64-encoding the content and sending it to an attacker-controlled server. The vulnerability affected macOS versions prior to Sonoma 14.3 and iOS/iPadOS versions prior to 17.3, and Apple has addressed it. Users should apply updates and avoid running shortcuts from untrusted sources.