4 matches found
CVE-2020-13758
modules/security/classes/general.postfilter.php/postfilter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload...
CVE-2020-13758
modules/security/classes/general.postfilter.php/postfilter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload...
CVE-2020-13758
modules/security/classes/general.postfilter.php/postfilter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload...
CVE-2020-13758
The CVE-2020-13758 issue affects Bitrix24 Web Application Firewall prior to or up to 20.0.950, specifically the modules/security/classes/general.post_filter.php/post_filter.php. The vulnerability is an XSS flaw introduced by the ability to place a NULL byte (%00) before the payload, enabling an a...