Description
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS breakdown
CVSS 3.0
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
Affected products
- btcpayserver / btcpayserver/btcpayserverunspecified – 1.2.3