Proof of concept for Bitfi website attacks
The Bitfi website is vulnerable to a few attacks;
- XSS
- SQLi
- Email injection
The initial report was sent via email to Bitfi support team on 08/07/2018. If there is no response or no fix by 08/13/2018 I will release PoC code for the attacks publically.