CVE-2018-1000023

CVE: CVE-2018-1000023
Published: 2018-02-09T23:29Z
Vendor: insight.bitpay
Products: insight-api
Versions: 5.0.0,
Description Language: en
Description: Bitpay/insight-api Insight-api version 5.0.0 and earlier contains a CWE-20: input validation vulnerability in transaction broadcast endpoint that can result in Full Path Disclosure. This attack appear to be exploitable via Web request.
References:
https://github.com/bitpay/insight-api/issues/542