Btcpayserver Btcpayserver vulnerabilities
9 known vulnerabilities affecting btcpayserver/btcpayserver_btcpayserver.
Total CVEs
9
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM8
Vulnerabilities
Page 1 of 1
CVE-2023-0493P2HIGHCVSS 8.8PoC≥ unspecified, < 1.7.52023-01-26
CVE-2023-0493 [HIGH] CWE-76 CVE-2023-0493: Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserve
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.
nvd
CVE-2023-1149P4MEDIUMCVSS 5.4≥ unspecified, < 1.8.02023-03-02
CVE-2023-1149 [MEDIUM] CWE-76 CVE-2023-1149: Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserve
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0.
nvd
CVE-2023-0879P4MEDIUMCVSS 5.4≥ unspecified, < 1.7.122023-02-17
CVE-2023-0879 [MEDIUM] CWE-79 CVE-2023-0879: Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12.
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12.
nvd
CVE-2023-0747P4MEDIUMCVSS 5.4≥ unspecified, < 1.7.62023-02-08
CVE-2023-0747 [MEDIUM] CWE-79 CVE-2023-0747: Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
nvd
CVE-2021-3646P4MEDIUMCVSS 6.1≥ unspecified, < 1.2.32021-09-10
CVE-2021-3646 [MEDIUM] CWE-79 CVE-2021-3646: btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-si
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
nvd
CVE-2023-0748P4MEDIUMCVSS 6.1≥ unspecified, < 1.7.62023-02-08
CVE-2023-0748 [MEDIUM] CWE-601 CVE-2023-0748: Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
nvd
CVE-2023-0810P4MEDIUMCVSS 5.4≥ unspecified, < 1.7.112023-02-13
CVE-2023-0810 [MEDIUM] CWE-79 CVE-2023-0810: Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.11.
Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.11.
nvd
CVE-2021-3830P4MEDIUMCVSS 5.4≥ unspecified, < 1.2.32021-09-26
CVE-2021-3830 [MEDIUM] CWE-79 CVE-2021-3830: btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-si
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
nvd
CVE-2023-1270P4MEDIUMCVSS 5.4≥ unspecified, < 1.8.32023-03-08
CVE-2023-1270 [MEDIUM] CWE-79 CVE-2023-1270: Cross-site Scripting in GitHub repository btcpayserver/btcpayserver prior to 1.8.3.
Cross-site Scripting in GitHub repository btcpayserver/btcpayserver prior to 1.8.3.
nvd