Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1719 | 1 Bitrix24 | 1 Bitrix24 | 2023-11-09 | N/A | 9.8 CRITICAL |
| Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to (1) enumerate attachments on the server and (2) execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via overwriting uninitialised variables. | |||||
| CVE-2023-1717 | 1 Bitrix24 | 1 Bitrix24 | 2023-11-09 | N/A | 9.6 CRITICAL |
| Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via polluting `__proto__[tag]` and `__proto__[text]`. | |||||
| CVE-2023-1716 | 1 Bitrix24 | 1 Bitrix24 | 2023-11-09 | N/A | 9.6 CRITICAL |
| Cross-site scripting (XSS) vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege. | |||||
| CVE-2020-13484 | 1 Bitrix24 | 1 Bitrix24 | 2020-07-02 | 7.5 HIGH | 9.8 CRITICAL |
| Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" content="' followed by an intranet URL. | |||||