CVE-2021-29248
BTCPay Server (versions up to 1.0.7.0) is affected by an information disclosure vulnerability caused by not setting the Secure flag on a cookie, enabling a remote attacker to obtain sensitive information. The exact vulnerable component/file is the cookie handling, and the available documents do n...