McDonald’s is better at flipping burgers than protecting passwords

You can trust McDonald’s to serve you its less-than-nourishing Big Macs, but you certainly shouldn’t trust its website with your password. Dutch independent software engineer Tijme Gommers has uncovered a still-active vulnerability in McDonalds.com, the main website of the iconic fast food franchise, that essentially makes it possible for attackers to retrieve sensitive user information. As Gommers explains on his blog, the flaw lies in sloppy input sanitization (a standard protective measure) on the website, which could in turn be leveraged to snatch login credentials as well as other sensitive information. Here’s how the Dutch software engineer summed it up: By…
This story continues at The Next Web




