Attacker infrastructure: attack.netfragile.store (VPS 145.239.36.49)
| ID | Severity | Target | Type | PoC |
|---|---|---|---|---|
| MCP-01 | CRITICAL | api.1inch.com | Open OAuth DCR | Live Demo | Callback |
| SC-01 | CRITICAL | 1inch.network | External script no SRI | Demo |
| XSS-01 | HIGH | 1inch.network | rrweb postMessage | Live Demo |
| XSS-02 | HIGH | 1inch.network | postMessage no origin | Live Demo |
| CONFIG-LEAK-02 | HIGH | business.1inch.com | 5 creds in JS bundle | Verified via scripts |
| ANALYTICS-01 | MEDIUM | 1inch.network | Analytics injection | Verified 5/5 |