Bitrix24 Remote Command Execution (RCE) via Insecure Temporary File Creation
CVE-2023-1713 Bitrix24 Remote Command Execution (RCE) via Insecure Temporary File Creation Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagramphp in Bitrix24 220300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted “htaccess” file starlabssg/advisories/23/2