4 matches found
CVE-2025-14317
In Crazy Bubble Tea mobile application authenticated attacker can obtain personal information about other users by enumerating a loyaltyGuestId parameter. Server does not verify the permissions required to obtain the data. This issue was fixed in version 915 Android and 7.4.1 iOS...
CVE-2025-14317 User Enumeration in Crazy Bubble Tea mobile application
In Crazy Bubble Tea mobile application authenticated attacker can obtain personal information about other users by enumerating a loyaltyGuestId parameter. Server does not verify the permissions required to obtain the data. This issue was fixed in version 915 Android and 7.4.1 iOS...
CVE-2025-14317 User Enumeration in Crazy Bubble Tea mobile application
In Crazy Bubble Tea mobile application authenticated attacker can obtain personal information about other users by enumerating a loyaltyGuestId parameter. Server does not verify the permissions required to obtain the data. This issue was fixed in version 915 Android and 7.4.1 iOS...
Crazy Bubble Tea App 安全漏洞
Crazy Bubble Tea App is a Pearl Milk Tea ordering mobile app from Crazy Bubble Tea, Poland. A security vulnerability exists in Crazy Bubble Tea App versions prior to 915 and prior to 7.4.1, which stems from the server not verifying permissions and could lead to the enumeration of the loyaltyGuest...