CVE-2021-29247

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:btcpayserver:btcpay_server:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-05-05 13:15

Updated : 2024-02-04 21:47


NVD link : CVE-2021-29247

Mitre link : CVE-2021-29247

CVE.ORG link : CVE-2021-29247


JSON object : View

Products Affected

btcpayserver

  • btcpay_server
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource