Vulnerability CVE-2023-1718
Published: 2023-11-01

Description:

Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmp_url".

 References:
https://starlabs.sg/advisories/23/23-1718/
Copyright 2026, cxsecurity.com

 

Back to Top