The vulnerability of the plugin “Import from XML, YML, JSON. Uploading product catalogs for 1C-Bitrix” allows a perpetrator to execute arbitrary commands.
The vulnerability of the plugin “Import from XML, YML, JSON. Uploading product catalogs for 1C-Bitrix” is related to the failure to take measures to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...