Lucene search
K

4 matches found

OSV
OSV
added 2023/01/31 10:15 p.m.37 views

CVE-2022-32984

BTCPay Server 1.3.0 through 1.5.3 allows a remote attacker to obtain sensitive information when a public Point of Sale app is exposed. The sensitive information, found in the HTML source code, includes the xpub of the store. Also, if the store isn't using the internal lightning node, the...

7.5CVSS7.3AI score0.01009EPSS
Exploits0References1
Prion
Prion
added 2023/01/31 10:15 p.m.24 views

Code injection

BTCPay Server 1.3.0 through 1.5.3 allows a remote attacker to obtain sensitive information when a public Point of Sale app is exposed. The sensitive information, found in the HTML source code, includes the xpub of the store. Also, if the store isn't using the internal lightning node, the...

5CVSS7.3AI score0.01009EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/31 12:0 a.m.19 views

CVE-2022-32984

BTCPay Server 1.3.0 through 1.5.3 allows a remote attacker to obtain sensitive information when a public Point of Sale app is exposed. The sensitive information, found in the HTML source code, includes the xpub of the store. Also, if the store isn't using the internal lightning node, the...

7.5AI score0.01009EPSS
Exploits0References1
CVE
CVE
added 2023/01/31 12:0 a.m.73 views

CVE-2022-32984

BTCPay Server 1.3.0–1.5.3 is affected by CVE-2022-32984. The issue allows a remote attacker viewing a publicly exposed Point of Sale app to access sensitive data contained in the HTML source, including the store’s xpub and, if an internal lightning node isn’t used, lightning node credentials. The...

7.5CVSS7.2AI score0.01009EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder