Starbucks: China – Limited Partner PII Regarding Work Scheduling via Unauthenticated API Endpoint

0xpatrik discovered an unauthenticated API endpoint that allowed retrieval of specified work leave dates of designated Starbucks employees in China. @0xpatrik — thank you for reporting the original vulnerability and for confirming the resolution...