CVE-2023-1719

CVE-2023-1719 affects Bitrix24 22.0.300 and is caused by overwriting uninitialised variables in bitrix/modules/main/tools.php. This enables unauthenticated attackers to enumerate server attachments, inject arbitrary JavaScript in victims’ browsers, and potentially execute arbitrary PHP code on th...

CVE-2023-1719 Bitrix24 Insecure Global Variable Extraction

Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to 1 enumerate attachments on the server and 2 execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim ha...

CVE-2023-1718 Bitrix24 Denial-of-Service (DoS) via Improper File Stream Access

Improper file stream access in /desktopapp/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmpurl"...

CVE-2023-1718

Bitrix24 22.0.300 is affected by an improper file stream access in /desktop_app/file.ajax.php?action=uploadfile, enabling unauthenticated remote attackers to cause a denial-of-service via a crafted tmp_url. The issue appears to be a loop with an inaccessible exit condition in the desktop app file...

CVE-2023-1718 Bitrix24 Denial-of-Service (DoS) via Improper File Stream Access

Improper file stream access in /desktopapp/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmpurl"...

CVE-2023-1717 Bitrix24 Cross-Site Scripting (XSS) via Client-side Prototype Pollution

Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/leftvertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...

CVE-2023-1717

Bitrix24 22.0.300 is affected by a prototype pollution vulnerability in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js. Attackers can pollute proto [tag] and proto [text], enabling remote JavaScript execution in the victim’s browser and potentially arbitrary PHP code on ...

CVE-2023-1717 Bitrix24 Cross-Site Scripting (XSS) via Client-side Prototype Pollution

Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/leftvertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...

CVE-2023-1716 Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (2 of 2)

Cross-site scripting XSS vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...

CVE-2023-1716

CVE-2023-1716 affects Bitrix24 22.0.300 (Invoice Edit Page). The vulnerability is a cross-site scripting (XSS) flaw caused by insufficient input/script neutralization, allowing an attacker to inject and execute arbitrary JavaScript in a victim’s browser; if the victim has administrator privileges...

CVE-2023-1716 Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (2 of 2)

Cross-site scripting XSS vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...

CVE-2023-1715 Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (1 of 2)

A logic error when using mbstrpos to check for potential XSS payload in Bitrix24 22.0.300 allows attackers to bypass XSS sanitisation via placing HTML tags at the begining of the payload...

CVE-2023-1715 Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (1 of 2)

A logic error when using mbstrpos to check for potential XSS payload in Bitrix24 22.0.300 allows attackers to bypass XSS sanitisation via placing HTML tags at the begining of the payload...

CVE-2023-1715

CVE-2023-1715 affects Bitrix24 22.0.300. A logic error in mb_strpos() used to detect potential XSS payload allows bypassing XSS sanitisation by placing HTML tags at the beginning of the payload. The connected PT-2023-6693 documentation confirms Bitrix24 22.0.300 and suggests mitigation steps (e.g...

CVE-2023-1714

CVE-2023-1714 affects Bitrix24 22.0.300; the vulnerability is an unsafe variable extraction in bitrix/modules/main/classes/general/user_options.php, enabling remote authenticated attackers to execute arbitrary code via (1) appending content to existing PHP files or (2) PHAR deserialization. Conne...

CVE-2023-1714 Bitrix24 Remote Command Execution (RCE) via Unsafe Variable Extraction

Unsafe variable extraction in bitrix/modules/main/classes/general/useroptions.php in Bitrix24 22.0.300 allows remote authenticated attackers to execute arbitrary code via 1 appending arbitrary content to existing PHP files or 2 PHAR deserialization...

CVE-2023-1714 Bitrix24 Remote Command Execution (RCE) via Unsafe Variable Extraction

Unsafe variable extraction in bitrix/modules/main/classes/general/useroptions.php in Bitrix24 22.0.300 allows remote authenticated attackers to execute arbitrary code via 1 appending arbitrary content to existing PHP files or 2 PHAR deserialization...

CVE-2023-1713 Bitrix24 Remote Command Execution (RCE) via Insecure Temporary File Creation

Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted ".htaccess" file...

CVE-2023-1713

CVE-2023-1713 affects Bitrix24 22.0.300. The vulnerability is in insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php, which allows remote authenticated attackers to execute arbitrary code by uploading a crafted “.htaccess” file. The issue impacts web server execu...

CVE-2023-1713 Bitrix24 Remote Command Execution (RCE) via Insecure Temporary File Creation

Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted ".htaccess" file...