RSS Bot@lemmy.bestiver.seMB to Hacker News@lemmy.bestiver.seEnglish · 1 day ago

Exploiting McDonald's APIs to hijack deliveries and order food for a penny

eaton-works.com

4

5

Exploiting McDonald's APIs to hijack deliveries and order food for a penny

eaton-works.com

RSS Bot@lemmy.bestiver.seMB to Hacker News@lemmy.bestiver.seEnglish · 1 day ago

4

I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny

eaton-works.com

A series of API flaws in McDelivery India made it possible to order food for a penny, hijack other people’s delivery orders, view user information, and more.

Chat

brie@programming.dev
link
fedilink
English
arrow-up
2·
1 day ago
Let me guess, you signed an NDA, and won’t tell anyone which brands had badly configured access control in their web apps?

Each red flag is okay, but all together is rather strange. It’s kinda classic to say that pajeets write shitty code.

Hacker News@lemmy.bestiver.se

hackernews@lemmy.bestiver.se

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !hackernews@lemmy.bestiver.se

Community locked: only moderators can create posts. You can still comment on posts.

RSS Feed of HackerNews

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

182 users / day
1.04K users / week
2.24K users / month
2.24K users / 6 months
11 local subscribers
321 subscribers
2.55K Posts
684 Comments
Modlog