A security flaw in the GO SMS Pro Android app can be exploited to publicly expose media sent using the app. The vulnerable version of the app, which has 100 million users, uses easily predictable URLs to link to private content. A fix would include adding proper access controls in the cloud instance, implementing longer unique IDs in the URL that will prevent sequential walking through the data, researchers said. The bug was confirmed in version 7.91, as mentioned but the developer released a new version (v7.93) on Wednesday.
Source: https://threatpost.com/go-sms-pro-android-app-exposes-private-photos/161407/