exploitDog

GHSA-gxgq-96mg-778q

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the Secure flag for a cookie.

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the Secure flag for a cookie.

Ссылки

EPSS

Процентиль: 58%

0.00372

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2021-29248

CVSS3: 5.3

nvd

почти 5 лет назад

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the Secure flag for a cookie.

EPSS

Процентиль: 58%

0.00372

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-200