Wellness Coach - MyHealth Android App Exposes Password in Log
Background
The Wellness Coach - MyHealth Android app has a serious security
problem--it
exposes confidential data in the device log.
Testing Method
I used an Android emulator connected to the
Burp proxy.
Here's the app I tested:
Sending personal data which should be encrypted:
Harvesting the data from the device log:
Notification
I sent this email on 9-20-2025:
Posted 9-20-2025 by Sam Bowne