9.6

CVE-2023-1720

Exploit

EPSS 1.02%
Veröffentlicht 01.11.2023 10:15:09
Zuletzt bearbeitet 21.11.2024 07:39:45
Quelle info@starlabs.sg
CVE-Watchlists
Login
Unerledigt
Login

Lack of mime type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via uploading a crafted HTML file through /desktop_app/file.ajax.php?action=uploadfile.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bitrix24 ≫ Bitrix24 Version22.0.300

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.02%	0.765

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8	2.1	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
info@starlabs.sg	9.6	2.8	6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://starlabs.sg/advisories/23/23-1720/

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-1720

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-1720

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-1720

EUVD