An issue exists in Decentralized Anonymous Payment System (DAPS) through 2019-08-26. It is possible to force wallets to send HTTP requests to arbitrary locations, both on the local network and on the internet. This is a serious threat to user privacy, since it can possibly leak their IP address and the fact that they are using the product. This also affects Dash Core up to and including 0.14.0.3 and Private Instant Verified Transactions (PIVX) up to and including 3.4.0.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dash dash core |
||
officialdapscoin decentralized anonymous payment system |
||
pivx private instant verified transactions |