4 matches found
CVE-2023-1716
creationtimestamp| type| source ---|---|--- 2023-11-06 16:50:46+00:00| published-proof-of-concept| https://t.me/itsecnews/3615...
CVE-2023-1716 Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (2 of 2)
Cross-site scripting XSS vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...
CVE-2023-1716
CVE-2023-1716 affects Bitrix24 22.0.300 (Invoice Edit Page). The vulnerability is a cross-site scripting (XSS) flaw caused by insufficient input/script neutralization, allowing an attacker to inject and execute arbitrary JavaScript in a victim’s browser; if the victim has administrator privileges...
CVE-2023-1716 Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (2 of 2)
Cross-site scripting XSS vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...