exploitDog

GHSA-wcg2-jvm2-p49v

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload.

modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload.

Ссылки

EPSS

Процентиль: 35%

0.00141

Низкий

CVE ID

Связанные уязвимости

CVE-2020-13758

CVSS3: 6.1

nvd

больше 5 лет назад

modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload.

EPSS

Процентиль: 35%

0.00141

Низкий

CVE ID