Everest Ransomware Claims McDonalds India Breach Involving Customer Data

The notorious Everest ransomware group is claiming to have breached McDonald's India, the Indian subsidiary of the American…...

Poor Password Choices

Look at this: McDonald's chose the password "123456" for a major corporate system...

Malicious code in @mcdonalds/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 209f892cf75f1cd8b9b0f27ea42f702cb0e669736268cccae4725e21136d87b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

mcdonalds.com.au Cross Site Scripting vulnerability OBB-2460572

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

mcdonalds.md Cross Site Scripting vulnerability OBB-1352127

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

mcdonalds.md Cross Site Scripting vulnerability OBB-1345095

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

McDonalds-Themed Facebook Ads Serve Up Banking Trojans

The Mispadu banking trojan is using a McDonalds malvertising tactic to ultimately steal payment-card data and online banking information. Written in Delphi, Mispadu targets Brazil and Mexico, uses pop-up windows and contains backdoor functionality. According to researchers at ESET, Mispadu spread...

jobs.mcdonalds.ch XSS vulnerability

Open Bug Bounty ID: OBB-555893 Description| Value ---|--- Affected Website:| jobs.mcdonalds.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

stage-gws.mcdonalds.com XSS vulnerability

Open Bug Bounty ID: OBB-555265 Description| Value ---|--- Affected Website:| stage-gws.mcdonalds.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

mcdonalds.com XSS vulnerability

Open Bug Bounty ID: OBB-481416 Description| Value ---|--- Affected Website:| mcdonalds.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure based...

www1.staging.mcdonalds.com XSS vulnerability

Open Bug Bounty ID: OBB-454050 Description| Value ---|--- Affected Website:| www1.staging.mcdonalds.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS...

mcdonalds.it XSS vulnerability

Open Bug Bounty ID: OBB-397519 Description| Value ---|--- Affected Website:| mcdonalds.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

www1.staging.mcdonalds.com XSS vulnerability

Vulnerable URL: http://www1.staging.mcdonalds.com/googleapps/GoogleArabicSearchAction.do?method=googlesearchLocation=kw=ar=';alert/OPENBUGBOUNTY/;x='\n Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 20:53 GMT Vulnerability type:| XSS...

mcdonalds.com XSS vulnerability

Vulnerable URL: https://www.mcdonalds.com/us/en/errors/404.emailform.html?hidSendEmail="-prompt"XSSPOSED"-" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 02.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 7440 VIP website status:|...

m.mcdonalds.be XSS vulnerability

Vulnerable URL: https://m.mcdonalds.be/nl/restaurant?address=%22%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C%2Fscript%3E=20 Details: Description| Value ---|--- Patched:| Yes, at 27.11.2017 Latest check for patch:| 27.11.2017 16:46 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclos...

mcdonalds.es XSS vulnerability

Vulnerable URL: http://www.mcdonalds.es/restaurante/buscador?address=xss%22;alert%22OPENBUGBOUNTY%22;//&--!%3E Details: Description| Value ---|--- Patched:| Yes, at 13.10.2016 Latest check for patch:| 13.10.2016 14:19 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

www1.staging.mcdonalds.com XSS vulnerability

Vulnerable URL: http://www1.staging.mcdonalds.com/cache/jspringsecuritycheck Details: Description| Value ---|--- Patched:| Yes, at 27.09.2017 Latest check for patch:| 27.09.2017 06:17 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

www1.staging.mcdonalds.com XSS vulnerability

Vulnerable URL: http://www1.staging.mcdonalds.com/security/sec/changepwd?appName= Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 10:30 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated...

www1.staging.mcdonalds.com XSS vulnerability

Vulnerable URL: http://www1.staging.mcdonalds.com/security/sec/forgotpwd?appName== Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 10:26 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated...

www1.staging.mcdonalds.com XSS vulnerability

Vulnerable URL: http://www1.staging.mcdonalds.com/contactus/navigate.do?link=foodmatters〈=en=';alert/OPENBUGBOUNTY/;x'=twitterfm Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 23:10 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...