🔗 DarkWebInformer.com:
📅 Date: 2024-09-29 01:27:39
🚨 Title: Alleged sale of IDOR vulnerability in Al-Rajhi Bank APIs
🛡️ Victim Country: Saudi Arabia
🏭 Victim Industry: Financial Services
🏢 Victim Organization: al-rajhi bank
🌐 Victim Site: alrajhibank.com.sa
📜 Category: Vulnerability
🔗 Claim: https://breachforums.st/Thread-SELLING-IDOR-in-AlrajhiBanks-APIs
🕵️♂️ Threat Actor: Cas
🌍 Network: openweb
📝 Description: Threat actor claims to be selling an IDOR (Insecure Direct Object Reference) vulnerability in Al-Rajhi Bank APIs. Threat actor also claims that the vulnerability allows unauthorized access to sensitive data, including user carts, and could potentially include other exploits, such as NoSQL injection.
Screenshots: