EXNESS: Blind SSRF on https://my.exnessaffiliates.com/ allows for internal network enumeration

A blind stored server-side request forgery vulnerability was discovered in an endpoint of a website. This allowed internal network details to be disclosed by making requests to internal IP addresses and ports. With escalation, further inspection of the internal network could have been possible. T...

EXNESS: IDOR in Stats API Endpoint Allows Viewing Equity or Net Profit of Any MT Account

Hi Team, Today I logged into my Exness PA and noticed an updated performance page. I thought to give it a quick check and noticed that the API endpoints responsible for fetching the stats performance chart /stats/ is vulnerable to IDOR via accounts= parameter. The issue allows fetching the stats ...

EXNESS: CRLF Injection - Http Response Splitting

HTTP response splitting allowed to add a malicious header to the response...

EXNESS: Improper Implementation of SDK Allows Universal XSS in Webview Leading to Account Takeover

Affected App: Social Trading com.exness.investments App Version: - 2.45.8-release latest on PlayStore Summary: The SurveyMonkey SDK, used to collect surveys from users for analytic and informative purposes, was implemented in an insecure manner in . Particularly, the SMFeedbackActivity was...

EXNESS: Access control vulnerability (read-only)

Horizontal privilege escalation that could be used to gain access to some information not associated with the current user...