CVE-2020-5800
CRITICALEat Spray Love - Unauthenticated Incorrect Resource Transfer Between Spheres
Title source: llmDescription
The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2020-65
Scores
CVSS v3
9.8
EPSS
0.0156
EPSS Percentile
71.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-669
Status
published
Products (1)
eat_spray_love_project/eat_spray_love
2.0.20 (2 CPE variants)
Published
Dec 07, 2020
Tracked Since
Feb 18, 2026