Btcpay Server Security Vulnerabilities and Issues — Btcpay Server CVE List

Lucene search

BtcpayserverBtcpay Server

4 matches found

CVE•added 2021/04/01 5:15 a.m.•71 views

CVE-2021-29251

BTCPay Server before 1.0.7.1 mishandles the policy setting in which users can register (in Server Settings > Policies). This affects Docker use cases in which a mail server is configured.

6.5CVSS6.4AI score0.00231EPSS

CVE•added 2023/02/17 2:15 a.m.•39 views

CVE-2023-0879

Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12.

6.3CVSS5.5AI score0.0006EPSS

CVE•added 2021/09/10 6:15 p.m.•32 views

CVE-2021-3646

btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

6.1CVSS5.6AI score0.00218EPSS

CVE•added 2021/05/05 1:15 p.m.•24 views

CVE-2021-29246

BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. The attacker must craft a malicious plugin file with special characters to upload the file outside of the restricted directory.

6.7CVSS6.7AI score0.00414EPSS