Vulmon
btcpayserver btcpay server vulnerabilities and exploits
4.3
CVSSv2
CVE-2021-3646
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Btcpayserver Btcpay Server
5
CVSSv2
CVE-2021-29248
BTCPay Server up to and including 1.0.7.0 could allow a remote malicious user to obtain sensitive information, caused by failure to set the Secure flag for a cookie.
Btcpayserver Btcpay Server
3.5
CVSSv2
CVE-2021-29251
BTCPay Server prior to 1.0.7.1 mishandles the policy setting in which users can register (in Server Settings > Policies). This affects Docker use cases in which a mail server is configured.
Btcpayserver Btcpay Server
NA
CVE-2023-1149
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver before 1.8.0.
Btcpayserver Btcpay Server
5
CVSSv2
CVE-2021-29247
BTCPay Server up to and including 1.0.7.0 could allow a remote malicious user to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie.
Btcpayserver Btcpay Server
NA
CVE-2022-32984
BTCPay Server 1.3.0 up to and including 1.5.3 allows a remote malicious user to obtain sensitive information when a public Point of Sale app is exposed. The sensitive information, found in the HTML source code, includes the xpub of the store. Also, if the store isn't using t...
Btcpayserver Btcpay Server
3.5
CVSSv2
CVE-2021-3830
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Btcpayserver Btcpay Server
NA
CVE-2023-0493
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver before 1.7.5.
Btcpayserver Btcpay Server
5
CVSSv2
CVE-2021-29249
BTCPay Server prior to 1.0.6.0, when the payment button is used, has a privacy vulnerability.
Btcpayserver Btcpay Server
NA
CVE-2023-0879
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver before 1.7.12.
Btcpayserver Btcpay Server