Public itBit Exchange bug reports.

Team Bounty Title
itBit Exchange $1,000 Round error issue -> produce money for free
itBit Exchange - Open Redirect in https://exchange.itbit.com - False Positive
itBit Exchange $100 No password length restriction denial of service
itBit Exchange - email not required to be unique
itBit Exchange $50 user-agent Content spoofing
itBit Exchange $200 secretKey for OTP , is getting leaked in response of a delete request !
itBit Exchange $200 confirmation bypass of 2FA devices while they are deleting
itBit Exchange - ITBit Vulnerable to SSLSTrip
itBit Exchange $50 Leakage of sensitive wallet tokens to third party sites
itBit Exchange $150 Stored xss in bank name withdraw
itBit Exchange $50 weird bug ! ( missing validation on new email verfication )
itBit Exchange $200 Unsecure data in "device" response - OTP
itBit Exchange $50 Email Length Verification
itBit Exchange $500 Notification Emails: IP + Content-Spoofing