Information disclosure

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the Secure flag for a cookie...

BTCPay Server 信息泄露漏洞

BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. A cross-site scripting vulnerability exists in BTCPay Server 1.0.7.0 and earlier versions. The vulnerability stems from a failure to set the HTTPOnly flag for cookies. An...

BTCPay Server 安全特征问题漏洞

BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. A cross-site scripting vulnerability exists in BTCPay Server version 1.0.7.0 and prior versions, which stems from a weak method Next to generate pseudo-random values to generat...

BTCPay Server 路径遍历漏洞

BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. A path traversal vulnerability exists in BTCPay Server version 1.0.7.0 and prior versions, which arises from a failure of a networked system or product to properly filter speci...

BTCPay Server 跨站脚本漏洞

BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. A stored cross-site scripting vulnerability exists in the "POS Add Products" feature in BTCPay Server 1.0.7.0 and earlier versions. An attacker could exploit this vulnerability...

DUO-PSA-2014-001: Duo Product Security Advisory

Duo Product Security Advisory Advisory ID: DUO-PSA-2014-001 Publication Date: 2014-01-08 Status: Confirmed, Fixed Document Revision: 2 Overview Older versions of the Duo Security Outlook Web Access OWA integration may be vulnerable to a bypass of the second authentication factor. Description Unde...