Vulnerabilities > Btcpayserver > Btcpay Server

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2023-03-02 | CVE-2023-1149 | Unspecified vulnerability in Btcpayserver Btcpay Server | Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0. | btcpayserver | network, low complexity, 5.4 |
| 2023-02-17 | CVE-2023-0879 | Unspecified vulnerability in Btcpayserver Btcpay Server | Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12. | btcpayserver | network, low complexity, 5.4 |
| 2023-01-31 | CVE-2022-32984 | Unspecified vulnerability in Btcpayserver Btcpay Server | BTCPay Server 1.3.0 through 1.5.3 allows a remote attacker to obtain sensitive information when a public Point of Sale app is exposed. | btcpayserver | network, low complexity, 7.5 |
| 2023-01-26 | CVE-2023-0493 | Injection vulnerability in Btcpayserver Btcpay Server | Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5. | btcpayserver, CWE-74 | network, low complexity, 8.8 |
| 2021-09-26 | CVE-2021-3830 | Cross-site Scripting vulnerability in Btcpayserver Btcpay Server | btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | btcpayserver, CWE-79 | network, low complexity, 5.4 |
| 2021-09-10 | CVE-2021-3646 | Cross-site Scripting vulnerability in Btcpayserver Btcpay Server | btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | btcpayserver, CWE-79 | network, low complexity, 6.1 |
| 2021-05-05 | CVE-2021-29247 | Incorrect Permission Assignment for Critical Resource vulnerability in Btcpayserver Btcpay Server | BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie. | btcpayserver, CWE-732 | network, low complexity, 5.3 |
| 2021-05-05 | CVE-2021-29245 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Btcpayserver Btcpay Server | BTCPay Server through 1.0.7.0 uses a weak method Next to produce pseudo-random values to generate a legacy API key. | btcpayserver, CWE-338 | network, low complexity, 5.3 |
| 2021-05-05 | CVE-2021-29248 | Missing Encryption of Sensitive Data vulnerability in Btcpayserver Btcpay Server | BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the Secure flag for a cookie. | btcpayserver, CWE-311 | network, low complexity, 5.3 |
| 2021-05-05 | CVE-2021-29246 | Path Traversal vulnerability in Btcpayserver Btcpay Server | BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. | btcpayserver, CWE-22 | local, low complexity, 6.7 |