Vulnerability: CVE-2022-27228.
Publication date: March 21, 2022.
Description:
Insufficient validation of user input allows a remote unauthenticated attacker to execute arbitrary code on a system. It can result in gaining control of the target system.
Solution:
Update the "Polls, Votes" (vote) module to 21.0.100 version.
Additional information:
We express our gratitude to Sergey Bliznyuk (Positive Technologies) for his help in finding the vulnerability.
Vulnerability: CVE-2022-27228
Author: Emily Walker
Last update: March 21, 2022.
Was this information helpful?
Integration specialist assistance
That's not what I'm looking for
Complicated and incomprehensible text
The information is outdated
It's too short. I need more information
I don't like the way this tool works
Read FAQ
NEW
Bitrix24 Support
Registration and Authentication
How to start
My Profile
Feed
Messenger
Start page: the Vibe
Calendar
Bitrix24.Docs
Bitrix24.Drive
Bitrix24.Mail
Workgroups
CoPilot - AI in Bitrix24
Tasks and Projects
CRM
Contact Center
Sales Center
CRM Analytics (beta)
BI Builder
Sales Intelligence
Inventory Management
Marketing
Sites
Online Store (beta)
CRM + Online Store
CRM Store (beta)
e-Signature
e-Signature for HR
Company
Knowledge base (beta)
Automation
Workflows
Telephony
Market
Subscription
Settings
Enterprise
Desktop App
General questions
Bitrix24 On-Premise