Looking for security contact at Wesfarmers/Bunnings

Discovered some minor but important issues and want to share with trusted contact at Wesfarmers that is often detected by their application firewall but not in all cases, and appears to be easily discoverable.

Doesn’t affect local/stored data but can easily be used to engineer a target into accepting you are a Bunnings employee. Hopefully the trusted contact here can validate themselves without using this vulnerability :slight_smile:


Hi @steveathon,

Could you please email our cyber team using the [email protected] email address and we can then discuss this further.


Onto it. Thanks team.

1 Like