📦 Bitrix24

This vulnerability allows remote administrators to read Exchange account passwords stored in DAV server settings via HTTP GET requests. It affects Bitrix24 installations running version 23.300.100. Th...

This vulnerability allows remote administrators in Bitrix24 to send SMTP account passwords to arbitrary external servers via HTTP POST requests due to insufficient credential protection. It affects Bi...

This vulnerability allows remote administrators in Bitrix24 to exfiltrate AD/LDAP administrator account passwords to arbitrary external servers via HTTP POST requests. It affects Bitrix24 installation...