Information Exposure Through an Error Message at news.starbucks.com
Medium
Starbucks
Reported by
seytan6161
Vulnerability Details
Technical details and impact analysis
I've discovered Information Exposure Through an Error Message on your system.
POC link:
https://news.starbucks.com/cms/index.php?/cp/login/forgotten_password_form=http://evil.com/?id=test-test
Vulnerable url --> https://news.starbucks.com/cms/index.php?/cp/login/forgotten_password_form=http://evil.com/?id=test-test
Proof screenshot attached.
## Impact
Impact references:
https://cwe.mitre.org/data/definitions/209.html
Best regards
Report Details
Additional information and metadata
State
Closed
Substate
Not-Applicable
Weakness
Information Exposure Through an Error Message