A serious remote vulnerability has been uncovered in Apples AppStore and iTunes web applications that posed a significant risk to buyers, sellers or Apple website managers/developers A security researcher at Vulnerability Lab found that Apples systems were too trusting in the way that they handled device names. The problem (Apple Security ID 623920272) was identified by Benjamin Kunz Mejri on 8 June 2015 and awarded a severity level of High and a CVSS score of 5.9. He disclosed it to Apple the following day and it has since been fixed.”]
Source: https://nakedsecurity.sophos.com/2015/07/28/itunes-and-appstore-remote-exploit-fixed-by-apple/