Security Advisory

CVE-2023-1713

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-01 09:02:18

Last updated 2024-09-05 19:55:42

Assigner STAR_Labs

State PUBLISHED

Description

Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted ".htaccess" file.

← Browse all CVEs View on cve.org ↗