Security Advisory

CVE-2023-1718

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-01 09:04:03

Last updated 2024-09-05 19:44:21

Assigner STAR_Labs

State PUBLISHED

Description

Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmp_url".

← Browse all CVEs View on cve.org ↗