CVE-2021-29251

Name of the Vulnerable Software and Affected Versions: BTCPay Server versions prior to 1.0.7.1

Description: The issue is related to the mishandling of the policy setting for user registration, specifically in Server Settings > Policies. This problem affects Docker use cases where a mail server is configured.

Recommendations: For versions prior to 1.0.7.1, update to version 1.0.7.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the user registration policy setting in Server Settings > Policies until the update is applied.