cve/CVE-2023-1715.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

784 B

Raw Permalink Blame History

CVE-2023-1715

Description

A logic error when using mb_strpos() to check for potential XSS payload in Bitrix24 22.0.300 allows attackers to bypass XSS sanitisation via placing HTML tags at the begining of the payload.

POC

Reference

https://starlabs.sg/advisories/23/23-1715/

Github

No PoCs found on GitHub currently.

784 B Raw Permalink Blame History

CVE-2023-1715

Description

POC

Reference

Github

784 B

Raw Permalink Blame History