3 matches found
CVE-2025-62643
The Restaurant Brands International RBI assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages...
CVE-2025-62642
The RBI assistant platform (Restaurant Brands International) through 2025-09-06 exposes an unauthenticated account-creation API labeled “Anyone Can Join This Party,” which does not verify user account creation. This allows a remote, unauthenticated attacker to create user accounts. Connected sour...
EUVD-2025-34922
The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen...