What is CVE-2023-0493?

CVE-2023-0493 is a medium-severity vulnerability in Btcpayserver Btcpayserver/btcpayserver, classified under CWE-76. CVSS score: 5.3/10. Published 2023-01-26.

How severe is CVE-2023-0493?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Btcpayserver Btcpayserver/btcpayserver

CVE-2023-0493

Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.

EPSS: 0.100 (93.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L.

Affected products

Btcpayserver Btcpayserver/btcpayserver — versions unspecified

Weakness classification (CWE)

CWE-76

References

huntr.dev/bounties/3a73b45c-6f3e-4536-a327-cdfdbc59896f
github.com/btcpayserver/btcpayserver/pull/4545/commits/02070d65836cd24627929b34…
packetstormsecurity.com/files/171732/BTCPay-Server-1.7.4-HTML-Injection.html

Frequently asked questions

What is CVE-2023-0493?: CVE-2023-0493 is a medium-severity vulnerability in Btcpayserver Btcpayserver/btcpayserver, classified under CWE-76. CVSS score: 5.3/10. Published 2023-01-26.
How severe is CVE-2023-0493?: Medium severity. CVSS v3 base score is 5.3 out of 10.