Multiple high-risk vulnerabilities found in Bitrix24 v22.0.300. These include Remote Command Execution, Cross-Site Scripting, Prototype Pollution, Insecure File Access, and Denial of Service.
CVE-2023-1713 (RCE) (https://starlabs.sg/advisories/23/23-1713/)
CVE-2023-1714 (RCE) (https://starlabs.sg/advisories/23/23-1714/)
CVE-2023-1715 (XSS) (https://starlabs.sg/advisories/23/23-1715/)
CVE-2023-1717 (XSS) (https://starlabs.sg/advisories/23/23-1717/)
CVE-2023-1718 (DoS) (https://starlabs.sg/advisories/23/23-1718/)
CVE-2023-1719 (IDOR) (https://starlabs.sg/advisories/23/23-1719/)
CVE-2023-1713 (RCE) (https://starlabs.sg/advisories/23/23-1713/)
CVE-2023-1714 (RCE) (https://starlabs.sg/advisories/23/23-1714/)
CVE-2023-1715 (XSS) (https://starlabs.sg/advisories/23/23-1715/)
CVE-2023-1717 (XSS) (https://starlabs.sg/advisories/23/23-1717/)
CVE-2023-1718 (DoS) (https://starlabs.sg/advisories/23/23-1718/)
CVE-2023-1719 (IDOR) (https://starlabs.sg/advisories/23/23-1719/)