CVE-2023-1722
Yoga Class Registration System version 1.0 allows an administrator to…
Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated…
Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows…
Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers…
Cross-site scripting (XSS) vulnerability in Invoice Edit Page in Bitrix24…
Unsafe variable extraction in bitrix/modules/main/classes/general/user_options.php in Bitrix24 22.0.300 allows remote…
Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted…
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior…