Lucene search
+L

4 matches found

Circl
Circl
added 2023/11/01 1:21 p.m.7 views

CVE-2023-1719

creationtimestamp| type| source ---|---|--- 2023-11-01 13:21:47+00:00| seen| https://t.me/cibsecurity/73309 2023-11-04 17:44:37+00:00| seen| Telegram/993IQTAEI9abMkOWl8mkHJFNRp2-d18TbGN-UxF0pN3nA 2023-11-04 22:44:13+00:00| seen| https://t.me/poxek/3380 2023-11-04 23:56:08+00:00| seen|...

9.8CVSS8.7AI score0.04973EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/11/01 9:4 a.m.19 views

CVE-2023-1719 Bitrix24 Insecure Global Variable Extraction

Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to 1 enumerate attachments on the server and 2 execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim ha...

7.5CVSS7.8AI score0.04973EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/11/01 9:4 a.m.40 views

CVE-2023-1719 Bitrix24 Insecure Global Variable Extraction

Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to 1 enumerate attachments on the server and 2 execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim ha...

7.5CVSS9.9AI score0.04973EPSS
Exploits1References1
CVE
CVE
added 2023/11/01 9:4 a.m.139 views

CVE-2023-1719

CVE-2023-1719 affects Bitrix24 22.0.300 and is caused by overwriting uninitialised variables in bitrix/modules/main/tools.php. This enables unauthenticated attackers to enumerate server attachments, inject arbitrary JavaScript in victims’ browsers, and potentially execute arbitrary PHP code on th...

9.8CVSS8.4AI score0.04973EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder