📦 Restaurant Brands International Assistant

This vulnerability allows remote authenticated attackers to obtain administrative tokens via a GraphQL mutation in the Restaurant Brands International assistant platform. Attackers can gain full platf...

The Restaurant Brands International assistant platform uses client-side authentication for diagnostic screens, allowing attackers to bypass authentication and access sensitive diagnostic functions. Th...

This vulnerability allows attackers to submit unauthorized equipment orders by bypassing server-side authentication checks. The Restaurant Brands International (RBI) assistant platform relies on clien...

The RBI assistant platform's Global Store Directory improperly shares personal information among authenticated users, allowing one authenticated user to access another user's personal data. This affec...

The Restaurant Brands International assistant platform allows attackers to obtain a JWT token that can generate signed AWS upload URLs for any store's path. This enables unauthorized file uploads to A...

This vulnerability in the Restaurant Brands International (RBI) assistant platform allows remote attackers to manipulate Drive Thru speaker audio volume without authentication. It affects RBI's restau...