Starbucks: Parameter Manipulation allowed for viewing of other user’s teavana.com orders

A vulnerability had existed which allowed for unauthorized viewing of order details belonging to other users. @meals delivered a solid report & worked with us to resolve the issue. Thanks @meals! Proper authorization checks were not done on a specific parameter that allowed any user on teavana.co...