Lucene search
K

4 matches found

Circl
Circl
added 2023/11/06 4:50 p.m.10 views

CVE-2023-1716

creationtimestamp| type| source ---|---|--- 2023-11-06 16:50:46+00:00| published-proof-of-concept| https://t.me/itsecnews/3615...

9.6CVSS8.7AI score0.00715EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/11/01 9:3 a.m.30 views

CVE-2023-1716 Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (2 of 2)

Cross-site scripting XSS vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...

9CVSS6.4AI score0.00715EPSS
Exploits1References1
CVE
CVE
added 2023/11/01 9:3 a.m.86 views

CVE-2023-1716

CVE-2023-1716 affects Bitrix24 22.0.300 (Invoice Edit Page). The vulnerability is a cross-site scripting (XSS) flaw caused by insufficient input/script neutralization, allowing an attacker to inject and execute arbitrary JavaScript in a victim’s browser; if the victim has administrator privileges...

9.6CVSS8.5AI score0.00715EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/11/01 9:3 a.m.21 views

CVE-2023-1716 Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (2 of 2)

Cross-site scripting XSS vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...

9CVSS8.7AI score0.00715EPSS
Exploits1References1
Rows per page
Query Builder