Carter Lasalle

**Name of the Vulnerable Software and Affected Versions** Splashin iOS version 2.0 **Description** The Splashin iOS application version 2.0 does not enforce server-side interval restrictions for location updates for free-tier users. **Recommendations** Update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Splashin iOS version 2.0 **Description** Insecure permissions allow unauthorized attackers to access location data for specific users. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.