8 matches found
Popeyes, Tim Hortons, Burger King platforms have “catastrophic” vulnerabilities, say hackers
Two ethical hackers say they have uncovered massive security vulnerabilities in the platforms hosted by Restaurant Brands International RBI. RBI is one of the world's largest quick service restaurant companies. It was formed in 2014 through a $12.5 billion merger of the American fast food chain...
Coffee app in hot water for constant tracking of user location
A mobile app violated Canadas privacy laws via some pretty significant overreach with its tracking of device owners. The violation will apparently not bring the app owners, Tim Hortons, any form of punishment. However, the fallout from this incident may hopefully serve as a warning to others with...
Your Tim Hortons Coffee App Knew Where You Were at All Times
The Canada-based company illegally collected “vast amounts of location data,” such as every time a person entered or left their home, workplace, or another coffee shop...
locations.timhortons.com XSS vulnerability
Open Bug Bounty ID: OBB-654203 Description| Value ---|--- Affected Website:| locations.timhortons.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:...
Week in security (February 26 – March 4)
Last week on Malwarebytes Labs, we explained how to protect your computer from malicious cryptomining, we gave an encryption 101 lesson using ShiOne ransomware as a case study, and we offered an explanation about SQL injection. We also released a report on the state of malicious cryptomining from...
timhortons.com XSS vulnerability
Vulnerable URL: http://www.timhortons.com/ca/en/about/faq-results.php?q=%27%22%3E%3Csvg%2Fonload%3Dconfirm%2FOPENBUGBOUNTY%2F%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 49668 VIP website status:| Yes...
timhortons.com XSS vulnerability
Vulnerable URL: http://www.timhortons.com/us/en/search/search-results.php?q=%22%3E%3Csvg%2Fonload%3Dalert%28%2FXSSPOSED%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 54462 VIP website status:| No...
timhortons.com XSS vulnerability
Vulnerable URL: http://www.timhortons.com/ca/en/about/faq-results.php?q=%3E%3Csvg%2Fonload%3Dalert%2FOPENBUGBOUNTY%2F%3E Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 09:41 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclose...