Bitrix24 Helpdesk

Bitrix24 has a new interface. The images in the articles might differ from the current account design. We will update them soon.

Vulnerability: CVE-2022-27228

Vulnerability: CVE-2022-27228.
Publication date: March 21, 2022.

Description:
Insufficient validation of user input allows a remote unauthenticated attacker to execute arbitrary code on a system. It can result in gaining control of the target system.

Solution:
Update the "Polls, Votes" (vote) module to 21.0.100 version.

Additional information:
We express our gratitude to Sergey Bliznyuk (Positive Technologies) for his help in finding the vulnerability.

Was this information helpful?
Integration specialist assistance
That's not what I'm looking for
Complicated and incomprehensible text
The information is outdated
It's too short. I need more information
I don't like the way this tool works
Get your Bitrix24 set up by local professionals
FIND BITRIX24 PARTNER NEAR ME
implementation_helper_man
Go to Bitrix24
Don't have an account? Create for free