bitrix24

Top products

The 15 most recently published vulnerabilities affecting bitrix24.

• CVE-2024-34891Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read Exchange account passwords via HTTP GET request.6.8Nov 4, 2024
• CVE-2024-34887Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send AD/LDAP administrators account passwords to an arbitrary server...4.9Nov 4, 2024
• CVE-2024-34885Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read SMTP accounts passwords via HTTP GET request.6.8Nov 4, 2024
• CVE-2024-34883Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allow remote administrators to read proxy-server accounts passwords via HTTP GET request.4.9Nov 4, 2024
• CVE-2024-34882Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send SMTP account passwords to an arbitrary server via HTTP POST request.4.9Nov 4, 2024
• CVE-2023-1720Bitrix24 Stored Cross-Site Scripting (XSS) via File Upload9.6Nov 1, 2023
• CVE-2023-1719Bitrix24 Insecure Global Variable Extraction7.5Nov 1, 2023
• CVE-2023-1718Bitrix24 Denial-of-Service (DoS) via Improper File Stream Access7.5Nov 1, 2023
• CVE-2023-1717Bitrix24 Cross-Site Scripting (XSS) via Client-side Prototype Pollution9.6Nov 1, 2023
• CVE-2023-1716Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (2 of 2)9.0Nov 1, 2023
• CVE-2023-1715Bitrix24 Stored Cross-Site Scripting (XSS) via Improper Input Neutralization on Invoice Edit Page (1 of 2)9.0Nov 1, 2023
• CVE-2023-1714Bitrix24 Remote Command Execution (RCE) via Unsafe Variable Extraction8.8Nov 1, 2023
• CVE-2023-1713Bitrix24 Remote Command Execution (RCE) via Insecure Temporary File Creation8.8Nov 1, 2023
• CVE-2022-43959Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading th...4.9Jan 20, 2023
• CVE-2017-20122Bitrix Site Manager Contact Form cross site scripting3.5Jun 30, 2022