📚 Sifchain: Information Disclosure on https://rpc.sifchain.finance/

Description: Hi team, I see the subdomain https://rpc.sifchain.finance/ . And I visited this subdomain it contains many endpoints. Affected URLs: https://rpc.sifchain.finance/ Poc Available endpoints: Endpoints that require arguments: //rpc.sifchain.finance/abci_info? //rpc.sifchain.finance/abci_query?path=&data=&height=&prove= //rpc.sifchain.finance/block?height= //rpc.sifchain.finance/block_by_hash?hash= //rpc.sifchain.finance/block_results?height= //rpc.sifchain.finance/blockchain?minHeight=&maxHeight= //rpc.sifchain.finance/broadcast_evidence?evidence= //rpc.sifchain.finance/broadcast_tx_async?tx= //rpc.sifchain.finance/broadcast_tx_commit?tx= //rpc.sifchain.finance/broadcast_tx_sync?tx= //rpc.sifchain.finance/commit?height= //rpc.sifchain.finance/consensus_params?height= //rpc.sifchain.finance/consensus_state? //rpc.sifchain.finance/dump_consensus_state? //rpc.sifchain.finance/genesis? //rpc.sifchain.finance/health? //rpc.sifchain.finance/net_info? //rpc.sifchain.finance/num_unconfirmed_txs? //rpc.sifchain.finance/status? //rpc.sifchain.finance/subscribe?query= //rpc.sifchain.finance/tx?hash=&prove= //rpc.sifchain.finance/tx_search?query=&prove=&page=&per_page=&order_by= //rpc.sifchain.finance/unconfirmed_txs?limit= //rpc.sifchain.finance/unsubscribe?query= //rpc.sifchain.finance/unsubscribe_all? //rpc.sifchain.finance/validators?height=&page=&per_page= And visit every individual link it contain a sensitive information. So I will submitted as a bug report. Here is... ...