Bitrix24Care

Vulnerability: CVE-2022-27228

Vulnerability: CVE-2022-27228.
Publication date: March 21, 2022.

Description:
Insufficient validation of user input allows a remote unauthenticated attacker to execute arbitrary code on a system. It can result in gaining control of the target system.

Solution:
Update the "Polls, Votes" (vote) module to 21.0.100 version.

Additional information:
We express our gratitude to Sergey Bliznyuk (Positive Technologies) for his help in finding the vulnerability.

This helped
Thanks :)
Optional:
Article feedback
This didn't help
Sorry :(
Could you please tell us why:
Article feedback
I still have questions