A previously undisclosed flaw in Nike’s website allowed anyone with a few lines of code to read server data like passwords, which could have provided greater access to the company’s private systems. An 18-year-old researcher, who asked not to be named, discovered the flaw late last year and contacted Nike through the company’s dedicated email address for reporting security flaws, which it advertises on its bug bounty page.
Read full news article on ZDNet