Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bitrix24 Web Application Firewall 跨站脚本漏洞
Vulnerability Description
Bitrix24是美国Bitrix公司的一套企业社交平台。该平台包括在线通讯、日历管理和CRM(客户关系管理)等功能。Web Application Firewall是其中的一个Web应用程序防火墙。 Bitrix24 20.0.950及之前版本中的Web Application Firewall的modules/security/classes/general.post_filter.php/post_filter.php文件存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用
CVSS Information
N/A
Vulnerability Type
N/A