Apple · Music · CVE-2023-28203
**Name of the Vulnerable Software and Affected Versions**
Apple Music versions prior to 4.2.0
**Description**
The issue is related to insufficient access control in the Apple Music app for Android, which may allow an app to access a user's contacts. This could potentially lead to the disclosure of user contact information.
**Recommendations**
For versions prior to 4.2.0, update to Apple Music 4.2.0 for Android to resolve the issue.