Critical vulnerabilities in Starbucks website may harm your system

An Egyptian Security Researcher, Mohamed M. Fouad has found three critical vulnerabilities on the worldwide famous coffee giant StarBucks website. 

These three vulnerabilities could allow an attacker to execute arbitrary code, inject or upload malicious files and perform cross-site request forgery.

A proof of concept demonstrating the said attacks in action can be found at 


The vulnerabilities have been reported to StarBucks team twice but no reply has been received yet!

Related posts

Leave a Comment