Bitrix24 Helpdesk

Vulnerability: CVE-2022-27228

Vulnerability: CVE-2022-27228.
Publication date: March 21, 2022.

Description:
Insufficient validation of user input allows a remote unauthenticated attacker to execute arbitrary code on a system. It can result in gaining control of the target system.

Solution:
Update the "Polls, Votes" (vote) module to 21.0.100 version.

Additional information:
We express our gratitude to Sergey Bliznyuk (Positive Technologies) for his help in finding the vulnerability.

Was this information helpful?
Integration specialist assistance
That's not what I'm looking for
Complicated and incomprehensible text
The information is outdated
It's too short. I need more information
I don't like the way this tool works
Go to Bitrix24
Don't have an account? Create for free
Related articles
Login history Supported payment methods New Bitrix24 release review How to write detailed prompts for CoPilot Automation rules and triggers in Bitrix24 e‑Signature Create a draft message in Feed Updated tools: work with products Locations Mail in mobile CRM File preview in Bitrix24: quick access and possible actions