5.3
CVSSv3

CVE-2021-29247

Published: 05/05/2021 Updated: 11/05/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

BTCPay Server up to and including 1.0.7.0 could allow a remote malicious user to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

btcpayserver btcpay server