EXNESS disclosed a bug submitted by ashwarya: https://hackerone.com/reports/2264960 – Bounty: $4337 [Source]