Tools
Pricing
Solutions
Partners
Apps
Blog
FOR DEVELOPERS New
Read FAQ
NEW
Bitrix24 Support
Registration and Authentication
Bitrix24 Security
Getting started
My Profile
Feed
Messenger
Collabs
Start page: the Vibe
Calendar
Bitrix24 Drive
Bitrix24 Mail
Workgroups
CoPilot - AI in Bitrix24
Tasks and Projects
CRM
Booking
Contact Center
Sales Center
CRM Analytics
BI Builder
Sales Intelligence
Inventory Management
Marketing
Sites
Online Store
CRM + Online Store
CRM Payment
e-Signature
e-Signature for HR
Employees
Knowledge base
Automation
Workflows
Telephony
Market
Subscription
Settings
Enterprise
Bitrix24 Messenger
General questions
Bitrix24 On-Premise
Start for free
Log In
Your Bitrix24
Authorize to enter
your company's Bitrix24.
Enter
Don't have Bitrix24 yet?
Create your Bitrix24 now

Bitrix24 Helpdesk

Bitrix24 Helpdesk
Bitrix24 has a new interface. The images in the articles might differ from the current account design. We will update them soon.

Vulnerability: CVE-2022-27228

Emily Walker
Author: Emily Walker
Last update: March 21, 2022.
Vulnerability: CVE-2022-27228.
Publication date: March 21, 2022.

Description:
Insufficient validation of user input allows a remote unauthenticated attacker to execute arbitrary code on a system. It can result in gaining control of the target system.

Solution:
Update the "Polls, Votes" (vote) module to 21.0.100 version.

Additional information:
We express our gratitude to Sergey Bliznyuk (Positive Technologies) for his help in finding the vulnerability.

Was this information helpful?
Integration specialist assistance
Get your Bitrix24 set up by local professionals
FIND BITRIX24 PARTNER NEAR ME
implementation_helper_man
Go to Bitrix24
Don't have an account? Create for free
Related articles
Webinar on Automation rules and triggers Updated articles: August 2022 CRM forms for product sales Zapier for CRM app Bitrix24 On-Premise with an expired maintenance subscription Units of measurement Access permissions to the company structure Quick actions in calendar events and tasks Tasks in projects: Access permissions Access permissions: Stock receipt
Bitrix24
Bitrix24
Pricing
Media kit
Contact us
In the press
Support
Helpdesk
Webinars
How-to videos
Contact support
Schedule a demo
Bitrix24 Status page
Resources
Blog
Articles
Solutions
Testimonials
Alternatives
Uses
Research
On-premise
On-premise edition
Download
Documentation
Apps
Market
Mobile app
Desktop app
API/developers
Google API Services
Partners
Find a partner
Become a partner
Partner login
You can find the Bitrix24 Cloud and Self-Hosted Service Level Agreement here.
© 2025 Alaio
Privacy Overview

Cookies: This website uses cookies for analytical and technical reasons. ‘Analytical Cookies’ are inserted by Google Analytics to help us understand which countries our visitors come from, which pages they visit and what actions they take on this site. ‘Strictly Necessary Cookies’, as the name implies, are a type of cookies that are required for proper functioning of certain features of this website, such as the ability to use live chat. Disabling these cookies will disable access to those features and degrade your website experience.

Cookies of both types can be enabled or disabled within this plugin.

Cookie Settings
Cookie Policy

More information about our Cookie Policy

We use cookies to enhance your browsing experience - Find out more. By continuing to browse this site you are agreeing to our use of cookies. Change your cookie settings.
Got it