btcpayserver btcpay server vulnerabilities and exploits
6.1
CVSSv3
CVE-2021-3646
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Btcpayserver Btcpay Server
5.3
CVSSv3
CVE-2021-29248
BTCPay Server up to and including 1.0.7.0 could allow a remote malicious user to obtain sensitive information, caused by failure to set the Secure flag for a cookie.
Btcpayserver Btcpay Server
6.5
CVSSv3
CVE-2021-29251
BTCPay Server prior to 1.0.7.1 mishandles the policy setting in which users can register (in Server Settings > Policies). This affects Docker use cases in which a mail server is configured.
Btcpayserver Btcpay Server
5.4
CVSSv3
CVE-2023-1149
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver before 1.8.0.
Btcpayserver Btcpay Server
5.3
CVSSv3
CVE-2021-29247
BTCPay Server up to and including 1.0.7.0 could allow a remote malicious user to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie.
Btcpayserver Btcpay Server
7.5
CVSSv3
CVE-2022-32984
BTCPay Server 1.3.0 up to and including 1.5.3 allows a remote malicious user to obtain sensitive information when a public Point of Sale app is exposed. The sensitive information, found in the HTML source code, includes the xpub of the store. Also, if the store isn't using t...
Btcpayserver Btcpay Server
5.4
CVSSv3
CVE-2021-3830
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Btcpayserver Btcpay Server
8.8
CVSSv3
CVE-2023-0493
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver before 1.7.5.
Btcpayserver Btcpay Server
7.5
CVSSv3
CVE-2021-29249
BTCPay Server prior to 1.0.6.0, when the payment button is used, has a privacy vulnerability.
Btcpayserver Btcpay Server
5.4
CVSSv3
CVE-2023-0879
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver before 1.7.12.
Btcpayserver Btcpay Server