CVE-2023-1720 CRITICAL

CVE-2023-1720: Bitrix24 Stored Cross-Site Scripting (XSS) via File Upload

Vendor Bitrix24
Product Bitrix24
Weakness CWE-434 · Unrestricted file upload
Published November 1, 2023
Last update September 5, 2024

CVSS base score

9.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Lack of mime type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via uploading a crafted HTML file through /desktop_app/file.ajax.php?action=uploadfile.

Key dates

02Disclosure timeline

November 1, 2023 CVE published
September 5, 2024 Record updated