CVE-2020-25900

CVSS Score & Metrics

Base Score

5.3 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N                                    

Vulnerability Description

HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city. Furthermore, these coordinates are placed into a database on the client of other users. (The client side was changed in 2019 to encrypt that database.)

Vulnerability Details

Published Date

June 05, 2026

Last Modified

June 05, 2026

CWE ID

CWE-359

Source

NVD

Vendor

HelloTalk

Product

HelloTalk

External References

https://isopach.dev/CVE-2020-25900/

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment