A vulnerability in O2’s implementation of the IMS standard resulted in user location data being exposed in network responses.
