Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

Valid

Reported on

Sep 6th 2021


✍️ Description

Accept Bitcoin payments. Free, open-source & self-hosted Bitcoin payment processor. This package is vulnerable to XSS.

🕵️‍♂️ Proof of Concept

💥 Impact

This vulnerability is capable of XSS.

Abdul muhaimin
2 years ago

Researcher


@admin already tried to connect them

We have contacted a member of the btcpayserver team and are waiting to hear back 2 years ago
Nicolas Dorier validated this vulnerability 2 years ago
Abdul muhaimin has been awarded the disclosure bounty
The fix bounty is now up for grabs
Nicolas Dorier
2 years ago

Investigating on https://github.com/btcpayserver/btcpayserver/issues/2856

Nicolas Dorier
2 years ago

Addressed by https://github.com/btcpayserver/btcpayserver/pull/2863

Nicolas Dorier marked this as fixed with commit fc4e47 2 years ago
Nicolas Dorier has been awarded the fix bounty
This vulnerability will not receive a CVE
Jamie Slome
2 years ago

Admin


@nicolasdorier - the researcher has requested a CVE for this.

Are you happy for a CVE to be assigned to this report? 📦

Nicolas Dorier
2 years ago

sure

Jamie Slome
2 years ago

Admin


CVE published! 🎊

CVE-2021-3830

Jamie Slome
2 years ago

Admin


https://github.com/CVEProject/cvelist/pull/2990
