Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-13483

Disclosure Date: June 24, 2020 (last updated February 21, 2025)
The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/bitrix/mobileapp.list/ajax.php/ URI.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0