Description
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.
Affected products
- Apple / Apple Music for Androidunspecified – 3.5
References
- VENDOR_ADVISORYhttps://support.apple.com/en-us/HT213472