Security Update 2016-001 El Capitan…
[Teavana] Open Redirect
Open Redirect on connect.teavana.com
This report highlights an open redirect and abuse on a subdomain of teavana.com. The attacker could create an account with a third party company and use that to create a fake campaign. Such a vulnerability could be remediated by whitelisting certain domains to avoid arbitrary usage of subdomains of teavana.com.