App App App Reax Delivery Users of Users’s Suitable and Personal More

Protection is finished on Dipt App Raw revealed in a detailed Detapo and places used individually, Techcrnchn found.

These obvious information included users of users, dates, preferences, and sexually dissolved app. Some of the attacked with attachment to the consistency of access to App App Apple APPOSITION with the correct roads.

Raw, which was introduced in 2023, and A Dating program This states also supposed to related to other sides by asking users to produce pictures of each day. The company does not tell how many users, but its Google Play Store Spells will only download 500,000 downloads.

Fake Answers come the same week to be announced the sort of hardware of the App, raw ring, A non-meaningful device That claims tell us the program users to resolve the amount of your friends and other data to receive the notice of AI-Movies, wisely aware that dishonesty.

Ignorant Items and Responsibilities of consecutive and loving with The Hardships of RescueAbout his site and in his confidential policy to make his app, with his incomplete device, all use The end-to-endThe protection item prevents anyone except the user – including the company – to find information.

When we try this app this weekend, which includes the program’s analysis, Techcrnch has not found evidence that the program uses the encymon. Instead, we found the app set up the use of users to anyone who has a browser.

Clearly established a third 3rd show, after Techcrnch was in contact with the company.

“All the tests already protected, and have provided additional tables for the more of the problems in advance, told the art and email.

When asked by Techcrunch, Anderson proved that the company did not apply to the third search for this app, I am adding the “paths of” their paths still to make high-quality products. “

Anderson could not do it again to use the users that their knowledge was revealed, but because the company was’ reported by the correct statement of the appropriate data that has the correct laws. “

Did not appear when the app was long enough to pour the people who use. Anderson said the company still refused the action.

When it comes to his statement that the program uses the last Encrrsepping, Anderson reported the raw “use encryptions on the way of the item in the underlying.”

Anderson did not say that, when they were asked, if the company plans have changed his privacy methods, and Anderson not answered the next email from Techcoundnnch.

How we got a lot of visible information

Techcrnch recognized that BUG WEEDER ARE STRODED BY THE SPACE. As part of our exams, we established a raw program on the Android visible device, which allows us to use the program without knowing more, as our place.

We created a new user account with Dummy, as a name and date of birth, and setting the place we are looking like a museum, California. When the program requests our own location, we allow this app to arrive to our folk-to-minute period.

We used a weapon to evaluate the network and checking out what is going and out of the raw application, which allowed us to understand how the program operates and the app was to make users.

Techcrnch was noticed in a few minutes using a raw app. When we raised the app, we found that pulling the user’s profile from the company’s server, but the server did not protect the retrieved data and any authentication.

By doing this, this means that everyone can find someone else’s knowledge using a website to visit the discount server address – api.raw.app/users/ followed by the 11-digit number corresponding to another user. To change the numbers including the 11-digit identification of the password from the user’s profile, including their data.

This type of damage is known to be vulnerable to an item, or IDor, Neg version of the Neg which will allow a person to access or change one’s data because of the lack of the necessary checks.

Like We’ve already describedIndor Bugs and adjusted to have the key to mailbox, but the key can reopen each email address on the same road. So, the lost bugs can be used easily and sometimes exceeds, allowing access to the user’s profile.

Cybergestic Army CSA has already been determined about the accidents that IDor Bugs, including the ability to reach a difficult data “on a scale.” As part of its Secure by the structure Causes, cisado said In the advice of 2023 The manufacturers must make their own programs to do the correct verification and acceptable checks.

Since six reasons the error, the ignorant server has not returned the user’s information.