Vulnerabilities > Btcpayserver

DATE CVE VULNERABILITY TITLE RISK
2023-03-08 CVE-2023-1270 Cross-site Scripting vulnerability in Btcpayserver
Cross-site Scripting in GitHub repository btcpayserver/btcpayserver prior to 1.8.3.
network
low complexity
btcpayserver CWE-79
5.4
2023-03-02 CVE-2023-1149 Improper Neutralization of Equivalent Special Elements vulnerability in Btcpayserver Btcpay Server
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0.
network
low complexity
btcpayserver CWE-76
5.4
2023-02-17 CVE-2023-0879 Cross-site Scripting vulnerability in Btcpayserver Btcpay Server
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12.
network
low complexity
btcpayserver CWE-79
5.4
2023-02-13 CVE-2023-0810 Cross-site Scripting vulnerability in Btcpayserver
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.11.
network
low complexity
btcpayserver CWE-79
5.4
2023-02-08 CVE-2023-0748 Open Redirect vulnerability in Btcpayserver
Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
network
low complexity
btcpayserver CWE-601
6.1
2023-02-08 CVE-2023-0747 Cross-site Scripting vulnerability in Btcpayserver
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
network
low complexity
btcpayserver CWE-79
5.4
2023-01-31 CVE-2022-32984 Unspecified vulnerability in Btcpayserver Btcpay Server
BTCPay Server 1.3.0 through 1.5.3 allows a remote attacker to obtain sensitive information when a public Point of Sale app is exposed.
network
low complexity
btcpayserver
7.5
2023-01-26 CVE-2023-0493 Injection vulnerability in Btcpayserver Btcpay Server
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.
network
low complexity
btcpayserver CWE-74
8.8
2021-09-26 CVE-2021-3830 Cross-site Scripting vulnerability in Btcpayserver Btcpay Server
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
3.5
2021-09-10 CVE-2021-3646 Cross-site Scripting vulnerability in Btcpayserver Btcpay Server
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
4.3