[Teavana] Open Redirect

Open Redirect on connect.teavana.com

 
This report highlights an open redirect and abuse on a subdomain of teavana.com. The attacker could create an account with a third party company and use that to create a fake campaign. Such a vulnerability could be remediated by whitelisting certain domains to avoid arbitrary usage of subdomains of teavana.com.

Leave a Comment