ByteOS

Matching Score-8

CVSS Score-3.8||LOW

EPSS-0.23% / 46.16%

7 Day CHG~0.00%

Published-26 Sep, 2021 | 08:15

Updated-03 Aug, 2024 | 17:09

Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Product-btcpay_server btcpayserver/btcpayserver

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2021-29250

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-5.4||MEDIUM

EPSS-0.27% / 50.37%

7 Day CHG~0.00%

Published-05 May, 2021 | 12:26

Updated-03 Aug, 2024 | 22:02

BTCPay Server through 1.0.7.0 suffers from a Stored Cross Site Scripting (XSS) vulnerability within the POS Add Products functionality. This enables cookie stealing.

Vendor-btcpayserver n/a

Product-btcpay_server n/a

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-0879

Matching Score-8

Matching Score-8

CVSS Score-6.3||MEDIUM

EPSS-0.06% / 18.68%

7 Day CHG~0.00%

Published-17 Feb, 2023 | 00:00

Updated-18 Mar, 2025 | 15:59

Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12.

Product-btcpay_server btcpayserver/btcpayserver

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-1270

Matching Score-8

Matching Score-8

CVSS Score-5.1||MEDIUM

EPSS-0.05% / 13.41%

7 Day CHG~0.00%

Published-08 Mar, 2023 | 00:00

Updated-02 Aug, 2024 | 05:40

Cross-site Scripting in btcpayserver/btcpayserver

Cross-site Scripting in GitHub repository btcpayserver/btcpayserver prior to 1.8.3.

Product-btcpayserver btcpayserver/btcpayserver

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-0810

Matching Score-8

Matching Score-8

CVSS Score-8.8||HIGH

EPSS-0.08% / 25.30%

7 Day CHG~0.00%

Published-13 Feb, 2023 | 00:00

Updated-21 Mar, 2025 | 14:35

Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.11.

Product-btcpayserver btcpayserver/btcpayserver

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-0747

Matching Score-8

Matching Score-8

CVSS Score-5.5||MEDIUM

EPSS-0.06% / 18.68%

7 Day CHG~0.00%

Published-08 Feb, 2023 | 00:00

Updated-25 Mar, 2025 | 14:01

Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.

Product-btcpayserver btcpayserver/btcpayserver

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-0493

Matching Score-6

Matching Score-6

CVSS Score-5.3||MEDIUM

EPSS-1.09% / 77.03%

7 Day CHG~0.00%

Published-26 Jan, 2023 | 00:00

Updated-31 Mar, 2025 | 16:46

Improper Neutralization of Equivalent Special Elements in btcpayserver/btcpayserver

Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.